Identity and Security on the Internet
The internet was created without a native identity layer and different Internet solution providers have developed ad hoc identity solutions that are inconsistent. With billions of people now online, the drawbacks are more apparent, more so with the emergence of Web3. Decentralized Identifiers (DID) are globally unambiguous identifiers that can be used to identify any subject (e.g., a person, an organization, a device, a product, a location, or even an abstract entity, or a concept) and enable secure online transactions. DID is a new type of verifiable identifier, which does not require a centralized registry. DID enables the controller to verify ownership of the DID use cryptography while ensuring security.
What does DID bring to the Security Landscape
W3C Decentralized Identifiers are portable across service providers and can last for as long as their controller wants to continue using them. DID can also be used as a tool to verify professional documents, including passports and driver’s licenses. Users can securely navigate across a variety of platforms with DID with a consistent identity for their wallet and personal information.
DID solutions can help uphold the integrity of users’ data and provide new safeguards for users. They can verify identities, authenticate traceability, validate digital assets, and enhance the overall security of the internet. DID applications can help users successfully control and manage their own digital identities, where they can log in securely to different systems without exposing their privileged information.
The decentralized identity market size is expected to grow from USD 285 million in 2022 to USD 6,822 million by 2027, at a Compound Annual Growth Rate (CAGR) of 88.7% (Source).
Additionally, one-click login & onboarding with identity verification was the application that most people (57%) felt the need for decentralized digital identity among Web 3.0/DeFi implementations in a 2021-22 survey (Source).
The Problems that DID Solves
Web3 requires a critical degree of security throughout the ecosystem to ensure its full potential so that every transaction is accurately recorded and cannot be altered. Without DID solutions, there is a risk of users losing their sensitive valuable, and confidential information to hackers and fraud.
The adoption of crypto and advancement across Web3 has increased rapidly but there are still significant barriers that stand in the way of mainstream adoption. DID can address some of the current Web3 pain points related to:
Nonfungible tokens (NFTs), Identity and Authenticity issues, fraud, and plagiarism threats affect artists or creators. An example is a work of digital artist Derek Laufman (designer of Marvel superhero stories) being auctioned on NFT platform without his knowledge. To counter such issues, applications can be built on DIDs to allow creators to prove that a given NFT was created by them. Buyers and sellers can verify the authenticity of digital artwork.
Growth of Decentralized Finance (DeFi) – Collateral requirements limit most cryptocurrency traders looking to take advantage of leverage. Reducing or completely removing collateralization requirements would enable mass adoption of DeFi. The DID layer can provide users with credit-based loans and help users directly control their own credit scores, better monitor, and adjust their own lending behavior. So far the identification has been issued by the government. With DeFI we need a global level of identification and KYC.
KYC and other identity controls could change DeFi by allowing regulated entities to participate as intermediaries, directly and indirectly. DeFi protocols could enable trusted third parties, like identity providers, to perform the KYC.
Decentralized Autonomous Organizations (DAOs) use token-based governance for voting, governance, or prioritization but it can preclude or de-prioritize active contributors without significant capital. Each DAO member of the hundreds of DAO needs to build their reputation within, only through participation. DIDs can help users maintain their reputation across multiple DAOs. Porting credentials from one DAO to another is easier with DID.
DID Architecture
The DID specifications are based on foundational pillars. DID metadata is resolvable and can be discovered. DID are:
- Decentralized – do not require a central issuing agency
- Persistent- do not require an underlying organization
- Cryptographically verifiable
The DID ecosystem is made up of layers, with each layer on the top, building upon the underlying protocol. It includes:
- Identifiers, standards, and namespaces provide a common layer of trust ensuring standardization, portability, and interoperability.
- Infrastructure and proxy framework for direct interaction between applications and verifiable data registries.
- Credentials must be managed, updated, and exchanged.
- Applications, Wallets, and Products that provide consumers with real use value.
Markets and DIDs
W3C Decentralized Identifiers and W3C Verifiable Credentials are used across several markets where identification and data authenticity are a concern:
The Retail and the E-commerce sector have seen rising digitalization, outlining the need for increased authentication given the complexities in data systems. Convenience stores, grocery stores, restaurants, bars, and consumer goods companies can use DIDs for new digital age verification programs to increase privacy and checkout speed, prevent unauthorized data access, reduce data losses and eliminate the use of fraudulent identity documents during purchase.
The Financial Services industry depends on identity verification to check illegal activities such as bribery or money laundering. DID can help refresh KYC processes by allowing for the effective outsourcing and decentralizing of personal data, while also allowing the owners of the data to retain full control over it. DID can help in the shopping and purchase of insurance products, finance and credit products, e-finance, and cross-border remittance.
According to Forbes, major banks each spend up to USD 500 million on cybersecurity every year, with USD 25 billion being spent in the US on AML compliance. Source
Governments – Government agencies in the US, Canada, and EU are exploring the use of DIDs to provide privacy-protecting digital identity documentation for their businesses and residents, enabling them to choose how and when their data is shared.
Supply Chain operators and stakeholders such as global government regulators, trade standards institutions, vendors, shippers, and retailers use DIDs to design systems that verify the origin and destination of products and services accurately. This will streamline and enable the reporting and documentation to apply correct tariffs, prevent dumping, and monitor transshipment.
Personnel and Workforce – Universities, education standards organizations, and training programs use DIDs to issue digital learning credentials when applying for higher education or workforce positions.
DID going Mainstream
Being a key technological foundation to support native Web3 applications, World Wide Web Consortium (W3C) has declared that Decentralized Identifiers (DIDs) v1.0 is an official Web standard. This verifiable identifier enables both individuals and organizations to take greater control of their online information and relationships while also providing greater security and privacy.
Robust DID solutions can help Web3 to go mainstream by enabling new use cases. The composability and interoperability of DID standards help the momentum created from each new application feed on another. DID solutions having been declared an official standard by W3C we expect it to grow rapidly in the coming years. The presence of service providers can unlock the next major cycle of Web3 applications and the value therein.
Chainyard enabling DID
Chainyard has firsthand experience in building to W3C DID standards. The health wallet app is an example of its capabilities in this space while its use cases provide detailed insights about its projects along with sample UI/UX development. Chainyard is an innovator in blockchain and distributed ledger applications, and the owner and creator of Trust Your Supplier. The first Chainyard initiative in this space is the innovative MyHealth Wallet application, available on Android and iOS. It provides the user with a simple, tamperproof, and verifiable way to present and prove that they have taken a COVID-19 test.
The second in the family is the Trusted Health Checks mobile application that combines human validation and ML-generated risk scores and allows visitors to complete electronic health declaration forms prior to travel to foreign destinations.