Most people at least know that blockchain is the technology that bitcoin and other cryptocurrencies are built on, but a digital ledger that timestamps and orders transactions in an easily trackable and immutable way has a lot more uses.
In this fourth article in the PYMNTS’ Blockchain in Action Series, we’ll look at how a distributed digital ledger can create a digital identity that is sharable without giving up privacy and trust because it cannot be faked or forged.
We’re not talking about the anti-money-laundering (AML) type of digital identity, but about identification credentials of the type you’d need to present to a bank or cryptocurrency exchange to satisfy know-your-customer (KYC) requirements.
There are a couple of facets to this use of blockchain technology, known as tokenized identity or digital identity.
One is privacy. We’ll get into the “how” later, but the idea is that people could have tokenized, and likely biometrically accessed identity documents that they can control, only giving out the necessary details: Is this person a citizen? Yes. Does the company or agency collecting this person’s information now have their Social Security Number in its very hackable database? No.
Another facet is security. By using blockchain to create a distributed identity token rather than using the current system in which various services providers all have very hackable centralized databases of digital identity and connected data.
So, what would blockchain bring? An unalterable — immutable, in crypto lingo — record that cannot be forged or changed.
“National identification programs are gaining prominence as countries are striving to establish a unified database of robust, unique identity documents of citizens for ease of governance,” said Aravind Srimoolanathan, senior research analyst, at Frost & Sullivan, in November.
By combining blockchain, artificial intelligence and biometric scanners, digital IDs will make transactions ranging from mobile banking to signing up for a driver’s license simpler and more secure, said Srimoolanathan, predicting that “single-token digital identity for individuals” will be in place by 2030.
This will, proponents say, cut into identity theft and take private data away from the tech giants and other corporations by limiting what they collect, giving control back to the people.
In a 2021 study, PYMNTS and Equifax found that corporate interest in digital identity is booming, with more than two-thirds of businesses “planning to invest in digital authentication solutions to win over new customers” and also streamline their own internal processes.
And in the wake of the pandemic, nearly 40% of the companies responding said that digital identity verification is growing more important.
On the other hand, a digital ID system — particularly a nationally issued one — is more likely to limit access to the information that can be collected, by design or law. An employer would need access to degrees and qualifications, but wouldn’t need access to medical data except as far as providing proof of coverage.
More broadly, a blockchain-based digital ID program that connects users with their data via a cryptocurrency token would be simpler, more trusted, and would be far easier to make interoperable across everything from private companies to international borders.
How Does it Work?
The principle of blockchain-based digital ID is really very simple. Most blockchain digital ID platforms generally have six parts.
- First, an owner. The person (or thing) that the digital ID identifies.
- Second, a blockchain on which the digital ID lives. The data here cannot be removed or changed but can be added to. For example, if the owner is granted a college degree, earns (or loses) a security clearance, or buys health insurance.
- Third, an issuer. A company or — often a state agency — that verifies the identity of the ID owner and signs the confirmation of accuracy with a private key that cannot be reused.
- Fourth, a digital wallet. The tool that lets people build and add to their digital ID over time, and allows them to provide access to service providers
- Fifth, a digital identifier. The DID verifies the person (or thing) is who he or she says they are. This generally includes biometric data.
- Sixth, service providers. The agencies or companies that accept the digital ID as a way to access services or obtain goods.
The Front Lines
This technology has already been stress-tested in programs focused on the one billion people around the world do not have identity documents, ranging from refugees fleeing violence and oppression to the poorest people in developing countries who simply cannot obtain an ID — effectively keeping them unbanked, unable to prove ownership of land, unable to vote and generally trapped in poverty.
This is thanks in large part to the United Nations, which made digital ID for all a 2030 development goal. As far back as 2018, the U.N. High Commissioner for Refugees (UNHCR) began using blockchain-based digital identity documents at Zaatari, a then-75,000 person Syrian refugee camp just inside Jordan, allowing residents to obtain monthly food aid payments and use them at stores via an eye scanner.
As recently as last month, the Times of India reported that researchers are building a next-generation version of the country’s Aadhaar digital identity program, considered by far the world’s largest digital identity system with more than one billion users. Using both eye and fingerprint scans, Aadhaar links a person to a 12-digital ID number which can be used as a digital KYC document in pretty much any interaction with the state as a fraud-prevention measure and has become largely necessary for any kind of corporate interaction, like signing up for a mobile phone or bank account.