Nowadays, personal data is not as personal as it once used to be. Major companies are selling data for huge profits and leaks happen all too often. Still, people are entering their personal data everywhere, as it has plenty of uses. So why hasn’t EOS, or any other major cryptocurrency, properly implemented a self-sovereign identity system yet? After all, blockchains are borderless and limitless.
A digital identity
Traditionally, ones identity is kept within government issued documents, such as a passport or drivers license, or kept safely within heavily secured government systems. But technological advances have caused identification to be something much more abstract. Digital identities are the next step in personal identification, although they also bring a whole host of new problems with them. Which information defines a user? And how little information is needed to still ensure an online identity is tied to a certain person?
A digital identity is (all) digital information associated with a certain identity. In general, three methods (or a combination of these methods) are used to authenticate a person digitally. The three methods are the following:
- Something you know: This is the most common method used to authenticate a person online. Something you know can be anything ranging from a simple code to a password to your first pet’s name. On almost every website or application which requires you to create an account, you need to fill in something you know before you can access your information on that website or in that application.
- Something you have: This is used in places where there is a bigger risk involved if somebody manages to steal your identity, and is often used in combination with the first method to authenticate a person. Something you have refers to something you (physically) own. An example being a debit card, which banks nowadays often require you to use in combination with a card reading device and your pin to access your bank account. A cryptocurrency example would be a hardware wallet, which requires you to have both the device and the corresponding pin for the wallet.
- Something you are: Lastly, you can authenticate a person digitally using something they are. Often used in high-security places and/or applications, biometric identity systems are perhaps the most advanced and fraud proof of all systems. These systems use facial recognition, fingerprints, or anything else that is unique for each person to authenticate a person.
But how can these systems get used in a blockchain? The standard way to access your wallet or account is using something you have. On a blockchain, this is one or more private keys. A more secure option is using both something you know and something you have, such as the hardware wallet described above. Finally, one could set up an even more secure wallet, using something you are to authenticate the user. One example being the new EOS IOS wallet, which is rumored to be released soon. But are there more possibilities?
Personal data on a blockchain, useful?
Security might be one of the use cases of a digital identity, but what might be even more interesting is the increased convenience when using a digital identity. After all, the reason people still enter their personal details in plenty of online places is that they want to receive a service or product conveniently and easy.
If cryptos and blockchains are ever going to see mainstream adoption they will have to be quick and the user experience will have to be flawless. Part of a flawless user experience is the usability of a product. Creating an identity system on top of a crypto, where users have the ability to put (some) personal data on a certain blockchain, would allow users to easily interact with the various dapps in the ecosystem of their crypto. Users could choose how much information they would like to share, depending on what dapps they are planning on using, and they should also have the option to remove any data whenever they wish to do so.
Another great use case could be a new generation of more secure wallets. Stories of lost keys and lost funds surface all too often. Giving people the option to put personal data, like your fingerprint, on a blockchain, could mean that only you, with your very own fingerprint, can access a certain wallet. No more keys means no more lost keys.
But that’s not all, data on a blockchain remains safe and accessible once it’s on there. No more loss of data as a result of faulty data centers. No more inaccessibility of data because a central organization decides so and to add on to that, people can have more control over their personal (digital) data.
But all these advantages come at a certain cost. The immutability of most blockchains is a double-edged sword. Putting information on a blockchain could mean it might not be possible to remove, possibly exposing things not meant to be exposed.
Having an identity document can also constitute a threat to the individual’s privacy and safety. What is needed is a form of identification that is trusted, secure, and allows the bearer to choose when to share or withhold personal information. -IDPass
Encrypting data before putting it on a blockchain also carries various risks with it. While the encryption might be fail-safe in the present, it might be easy to decrypt in the future, allowing others to access data they are not supposed to access.
So what does the future hold?
All things considered though, putting identities on a blockchain has many possibilities and can help those who currently don’t have access to an identity, often denying them many basic resources. It has the possibility to give blockchains the boost they need to receive mainstream adoption, and while it may be risky to put personal data on a blockchain, it may well be worth the risk. Especially considering biometric data is used more often to secure accounts and wallets nowadays.