Digital Identity: A Fad or the Future?

For the past few years, a lot of discussions have been ongoing around the topic of digital identity and how viable it is. With rising concerns regarding user personal data safety and online privacy, a lot is riding on the proper implementation of the Web3 concept.

There are a few things we need to keep in mind with regard to digital identity. It needs to be safe, it needs to consider the user’s data and properly handle them, and most importantly, it needs to put control over this data in the user’s own hands. These may seem like difficult things to group into one product, especially when digital identity assumes storing someone’s online data somewhere.

You already have an online identity

What many users don’t know is that you already have an online identity. While this may differ from the digital identity concept highlighted in this piece, it still offers a case study over what great lengths corporations will go in order to get their hands on your data. This can help us determine how to approach the idea’s technical aspect to keep our data protected while offering all the conveniences of Web3’s digital identity.

The tech industry’s cookie monster

When you visit a website, you may have noticed a cookie disclaimer at the bottom of the page. You may have either dismissed it in a rush or clicked on “Accept All” because the popup was blocking a significant portion of the screen. By doing so, you’ve just provided the website with your online identity. This will share with them sufficient data about what you like, what you’ve searched for, what websites you’ve visited, what you’ve googled, and your IP address, which holds information on your device and location.

When Facebook was under fire for its data-hungry behavior, the topic of user privacy was heavily discussed, bringing attention to what can be considered predatory data acquisition and what can be thought of as fair data collection. Ever since, websites have started adding cookie banners, warning visitors that the website collects data in order to “improve your experience”. While this is code for “provide you with targeted ads”, you have the right to disable non-essential cookies. What’s odd is that people are truly concerned about their privacy, but their lack of technical knowledge is putting their online identity at risk, as it happens that 76% of users completely ignore cookie banners.

What do we expect from Web3’s digital identity?

When we’re discussing digital identity, the majority of people consider these to be the main focus:

• Security: Your data should be securely stored, handled, and distributed
• Privacy: Only certain information should be shared with organizations and services– only the essentials.
• Convenience: This form of identification should be convenient, otherwise there is no incentive for an industry-wide transition to Web3’s digital identity concept
• Control: The user should have full control over their data. If they’d like to vanish from the grid, they should have the option to do so. If they’d like to prevent a certain service provider from acquiring their data, they should have the full right to do so. Their data, control, and distribution should be at their discretion.

Is this a concept fit for the internet of the future?

While this is a rather complicated question, the short answer is it depends. The solution must be properly implemented, with careful consideration put into all possible loopholes in order to offer full user data protection. We’ve seen how companies have scrambled to circumvent mandatory cookie disclaimers, branding the majority of cookies as “essential cookies”. This is a practice that can’t be tolerated in a decentralized digital identity solution.

Why are users suddenly concerned about their data safety?

It’s no surprise that cryptocurrencies have been gaining a ton of attention, which allowed this industry to finally break into the mainstream. This attracted interest from individuals as well as corporations, requiring additional steps to ensure everyone’s safe crypto dealings. This led to increasing action taken by governments to regulate the decentralized sphere, making digital identities an increasingly relevant topic of discussion. Additionally, with numerous data leak reports plaguing the media, it’s no surprise that users have become increasingly wary when sharing their personal information. The rise in crypto’s popularity, coupled with increasing consumer awareness with regard to cookies and user data security, paved the road for digital identities.

As mentioned previously, KYC has almost become a prerequisite to gaining full access to online services. For instance, your data is being stored by Uber, carsharing services, online exchanges, your bank, and many other organizations. This can exponentially increase your risk of exposure to a data leak.

The largest leaks in 20 years led to the loss of 13.2 billion records containing user personal data, and these only include confirmed cases that were covered by the press. By 2025, this figure could reach 17 billion. This kickstarted numerous concepts promising to safeguard users when surfing the internet.

What options are available right now?

Currently, there isn’t an abundance of products offering a proper implementation of digital identity. However, there is a promising option from the company Hashbon. They call it Hashbon Pass.

The Hashbon Pass or NFT passport by Hashbon FiRe is the decentralized protocol for reusable identity verification on blockchains such as Ethereum, BNB Chain, Polygon, and other EVM-compatible networks. It challenges user-identification norms by favoring the client’s data security over the industry’s desire to acquire as much data as possible. It does so by facilitating KYC without the transfer of any user's personal information.

According to their documentation, Hashbon Pass strives to achieve two main goals:

• Simplify the user's interaction with the constantly-evolving DeFi space;

• Preserve the core values of the industry in the face of looming government interference and regulation.

  
  

While other players in the crypto & DeFi fields have been utilizing the artistic value of NFTs, Hashbon took advantage of their underlying utility. Through creating the anonymous KYC/AML TAWP protocol (Tokenized All Web3 Pass), which allows users to use NFTs for passing KYC procedures without having to upload their sensitive document on every single service you use.

Let’s see if their offering touches all the bases of digital identity’s proper implementation:

Security

They have stated that using Hashbon Pass means no more careless data transfers, as user data is stored only by licensed verifiers. This means that services are obligated to be in full compliance with GDPR. This can mean that big tech will find it difficult, if not impossible, to circumvent these procedures, leaving compliance the only option.

Privacy

Only your basic information is stored along with your Digital Passport, meaning that services can’t acquire your information through your sole visit to their website, keeping your information private.

Convenience

KYC procedures can be passed with one click. This is a far superior option to the one available right now, which is to upload your documents, fill in your details, and provide numerous papers as proof of residency.

Control

They claim that you are in control of your data, meaning that if you’d like to burn your digital passport, you can do so with ease. Also, you can opt-out of sharing information with services, as they cannot acquire your digital ID without your permission, putting control over your own data in your hands.

What now?

It’s clear to see that decentralized digital identity isn’t just a gimmick. There is actual utility behind the concept, offering advantages that the industry needs. With regulators and tech companies playing a game of cat-and-mouse, it’s difficult to come up with a solution that favors the user over corporations. This means that consensus needs to exist in order to make big changes. It does, however, give us a glimmer of hope to see a tech company thinking of ways to protect our online identities. It may be too early for companies to adopt this form of verification on a mass scale, but it’s only a matter of time before this becomes the industry’s main focus.