Decentralised identity is the `Sign In With Google` equivalent for the physical world, except you are in control of your data.
Image Source : Dilbert Strip for October 2010
What is this Decentralised Identity?
So how does decentralised identity work? Decentralised identity models lets users share identity verifications over a blockchain network. The identity itself is not stored on the blockchain network, instead DID uses verification method that lets you verify a claim without actually sharing the identity. Your identity is with your control at all times and is never actually shared, eliminating most identity theft problems.
, different networks can reserve did identifiers like domain names and can then be used to issue identities, so a DID issued by google could look like
and a DID issued by the US government could look like
You can think of this like the SSN in the US or the PAN in India, it is one single identifier that lets you authenticate across all services, but unlike SSN/PAN nobody can misuse you identity in case of DID because the identifier itself has no meaning unless signed by your keys.
And these keys are never shared, they live inside your mobile device (or a secure server if you choose to) and will authenticate every request for identification. Some protocols also use a different temporary DID for all relationships, ie. the DID for your schoold and your office are two totally randomised values and ensures your DID is never compromised by any single service.
Another important feature of DIDs is the selective sharing of data. Lets say a service wants to know your age, in the present situation, you would present your ID to a human who then checks your age and admits you. With DIDs, you dont even have to share your age, the service will simply query your did with a condition like is age > 18 ? and if that statement is true, the DID returns a success message, the service still does not know about your age, it simply knows if your old enough to use their service. This can be expanded to a lot of arenas, you don’t have to share your age at a hotel, they can simply check if you are over 18 (with your consent, ie. if you approve the request), you do not have to share your bank statement with a real estate agent, he can simply query if you have put up an escrow.
What does the future look like?
DID is the future of identity and authentication, we are right now relying on identitifcation systems built for the pre-internet generation, DID is digital native and is built for the internet. It is still in its very early days, so early infact a proper standard has not been agreed upon yet. The backbone of the internet, TCP/IP was standardised in 1982, so we are a long way from seeing a standardised DID setup being used internationally.
DIDs combined with CBDCs (Central Bank Digital Currency) will ensure that identity verification and issuance can move to a completely paperless process.