Insights from Alberto Rosas: Transforming the Digital Identity Landscape

I recently spoke with Alberto Rosas, Co-CEO of Gamium and Co-Creator of Didit, about the evolving digital identity industry. In our conversation, Alberto discusses the need for an identity layer on the Internet, the role of blockchain in revolutionizing digital identity, the impact of regulations such as eIDAS 2 and Web3, and his vision for the future of Web3 and digital identity. Join us as we delve into the transformative potential of the digital identity landscape through Alberto's expertise.

Hello Alberto, thank you for joining me. Could you share a brief overview of your personal journey and how it has led you to where you are today?

My brother Alejandro and I have always been immersed in the world of technology. We began programming since the age of 12, entering the world of hacking systems such as WiFi networks and computers. Since then, we have continued learning, studying code, and exploring various emerging technologies. Their hobby quickly turned into a constant passion for science and computing. Afterward, we chose studies that provided solid mathematics foundations as we also dived deep into blockchain and AI.

At some point, we realize that many of the Internet's current problems, such as online fraud, identity theft, or bot attacks, have a common root in the lack of user identification. We researched and explored different options until we concluded that there were technologies that would make it possible to create an interoperable and decentralized identity.

Gamium came a bit later when we were exploring blockchain opportunities in identity. We realized that we could use the available technology to make a digital identity that could be used for everything, one identity to access all kinds of apps and services and be able to operate within them and make payments. Gamium was built around this idea, which eventually came into being Didit.

Gamium recently launched Didit. It aims to disrupt the digital identity space. Can you share some of the major problems you’re addressing with this solution?

The Internet doesn't have an identity layer. We want this layer to make it possible for people to have an interoperable account to access any digital service. With this approach, users will avoid having multiple passwords and login methods to remember, improving security in this field. The lengthy and repetitive onboarding processes and the poor user experience for payments will end, which usually involves many steps. With Didit, all these processes (onboarding and payment) are done by signing a digital transaction.

For business, Didit can improve the onboarding and payment processes to increase conversion. Social fraud, such as bots, impersonation, and spam, could also be addressable with our protocol. And the businesses will avoid the so-called cold start, which means they know nothing about the user when he registers. Now they can grab some knowledge if the users share their data.

You’ve written about a passwordless world. Please explain it briefly and how you’re utilizing blockchain tech to this end.

Didit is a self-contained protocol designed to empower users to manage their digital identities seamlessly over the Internet. An essential prerequisite is the capacity for users to execute digital signatures, typically facilitated by any readily available digital wallet.

Didit harnesses the existing blockchain wallet infrastructure for rapid adoption, taking full advantage of its inherent digital signature capabilities. Additionally, it employs blockchain technology for financial transactions, permitting users to transact on any compatible blockchain, thereby rendering Didit chain-agnostic.

Security is a cornerstone of our design, upheld by industry-leading standards like using a Hardware Security Module (HSM) for encryption and signing. In terms of scalability, we leverage the expansive capabilities of modern cloud infrastructure. The fusion of robust digital signature security and the extensibility of cloud computing positions Didit as an exemplary solution for managing identity data and executing financial transactions.

I will share a a comprehensive outline of the authentication and authorization process.

With this process, Didit creates a passwordless environment because anybody can authenticate with his identity in any application or service that integrates Didit just by signing a digital transaction.

I feel seamlessness and interoperability are key features of any digital identity solution, especially from the user experience perspective. What’s your view on this matter?

Seamlessness and interoperability are fundamentals of any digital identity that wants to serve users globally. The Internet has changed a lot in recent years, and we are already tired of the identity model we've been following. Our identity was fragmented into many pieces, different accounts, and profiles, but now I feel the users desire another concept to manage their data and access services. For that reason, we've built Didit as a human-centered tool. Our protocol is designed to give back users control over their data and remove all friction in accessing apps and services. We want the user to have just one account for everything. 

Given eIDAS 2 and the Digital Identity Act, what’s your take on the regulatory landscape around digital identities. And how does Didit achieve compliance in the face of rapidly changing Web3 regulations?

These European regulations were very relevant when we made the product concept. Didit has been designed taking into account the standards that the European Union is proposing for eIDAS 2.

Concerning emerging Web3 regulations, we are constantly watching what's new, and we will adapt to the new legislation that is to come. Until now, the focus on Web3 regulations hasn't impacted us, but, as I say, we will keep an eye on this field.

Let’s close this conversation with your vision for the future. Where is Web3 headed and how will digital identity feature in this journey?

That is a very interesting question. As we see it, Web3 has to converge into Web2. Web2 and Web3 will get closer and closer, eventually getting mixed up. This is a natural process and will happen sooner or later, although today, there is still a big gap between both worlds, and for a Web2 user, it takes work to get into Web3. Some technical barriers make this challenging to happen. What we are trying to do with Didit is also to reduce this complexity. Didit has an intuitive and easy-to-use interface but also connects with Web3, and it is based on a wallet, so users will be using Web3 technology by creating their digital identity with Didit.