How Blockchain Authentication Can Pave the Way to Self-Sovereign Digital Identities

The inability to verify someone’s identity in an online setting has been a thorn in the Internet’s side for years.

That’s why most service providers that conduct business online require access to personally identifying information (PII) in order to check who’s on the other end. This is usually followed up by the creation of a unique username/password combination that the user will use for authentication in the future.

This is a problematic scenario on two fronts.

On one hand, service providers have to keep careful watch of constantly expanding databases filled with sensitive PII. On the other, users are forced to share their personal information and rely on weak username/password schemes to keep their data safe. Yet, despite these glaring issues, little to no progress has been made in recent years in terms of improving processes of verifying identities whilst online.

However, the growing adoption of blockchain technology might hold the answers we seek as blockchain authentication appears to be an excellent solution to the current woes of identity verification processes.

digital-identities-fingerprint

Blockchain Authentication Could Be a Turning Point for How We Verify Identities Online

Blockchain authentication poses a perfect counterpart to the current identity verification protocols. The entire blockchain-powered network is capable of verifying its own data integrity, which means that there’s absolutely no need for a third party to keep an eye on the network.

Instead, both data validity and security are guaranteed by the immutable blockchain ledger, while access to data is handled through the use of smart contracts.

This is how using blockchain for authentication would work – the personal information needed to authenticate someone’s identity would be stored in the form of hashes which can be used for identity-related attributes, such as name, unique identity or social security number, or biometric data.

In such a blockchain-based authentication system, the ownership of a piece of data would be determined by the knowledge of a private key. Since users would be the only ones in possession of that key, we’d have an environment in which the identity bearers are the true owners of their own private data.

Whenever a service provider would need a proof of identity, all a user would have to do is verify themselves to the blockchain with a private key and then grant access to the third party wishing to check up on the PII. Since the data is stored on a blockchain, the service provider wouldn’t have to worry about whether the information might be false or belonging to another person.

And, to the delight of data owners, tricking the authentication process would be a much greater task, if not completely impossible to pull off.

Main Benefits of Using a Blockchain to Authenticate Digital Identities

We’ve identified a total of four main reasons why so many believe blockchain authentication will revolutionize the way we manage digital identities:

  • No central entity
    The main calling card of utilizing decentralized systems is that they enable us to store and handle data without the need for a central administrator to watch over it.
    The data would be verifiable by a vast, peer-to-peer network, which means massive third-party data breaches or incidents of selling the data would no longer occur.
  • Impeccable security
    From the moment blockchain was conceptualized in the early 1990s, it was devised as the most secure method of storing data in existence.
    The decentralized manner in which a blockchain functions eliminates single points of failure inherent to centralized systems.
  • No way to fake the data
    Within a blockchain-based authentication environment, there would be no way to fake an ID, passport, credit card number, etc.
    Even if a would-be hacker was able to access the data without proper approvals from the data owner, he wouldn’t be able to copy it. It would be impossible to add a new block to the chain without the majority of nodes verifying its validity.
  • Total user control over data
    Unlike with current protocols in which the third party companies basically become data owners once users hand the information over, a blockchain network would enable users to be totally in charge of their data.
    They’d have full control over who has the right to use their data and what can be done with the information once access has been granted.

digital-identities-finger
Image via BlockchainTechnologies

Blockchain Identity Authentication Issues that Need to Be Ironed Out

Despite all the promise it holds, blockchain identity authentication still has a few worrying aspects that need to be solved if such a system was to be built. We’ve narrowed them down to four:

  • Incentivizing the nodes
    In order to function, a blockchain requires lots of different independent participants in calculating the system.
    A system used solely for blockchain authentication would have no cryptocurrency running through it. There would be no financial benefit to being one of the nodes, so some other form of rewarding people would have to be figured out.
  • Permanent loss of access
    If the only way to gain access to the personal data stored on the blockchain is through a private key, what would happen if a user was to lose his or her key?
    If such a turn of events was to happen within a centralized system, you’d simply call the institution that issued the document and tell them you got compromised. However, in the case of a decentralized authentication system, there’s no central entity, so there would be no way to get a new private key used for data access.
  • Scalability issues
    While unquestionably secure, blockchain-based systems tend to get rather complex, rather fast.
    Scalability could be a huge hurdle for public blockchains (one of several key differences between public and private blockchains), which leads us to believe that this system could be too slow for the tasks it would be expected to complete.
  • Inability to alter data
    In part, blockchain guarantees data validity by making sure that the data uploaded to it can never be altered in any way, shape or form.
    Within the context of an identity authentication system, this represents quite an obstacle. People change their private data often, so a blockchain-based authentication system would have to provide this option.

Blockchain Authentication Could Spark Something We Never Had Before – Self-Sovereign Digital Identities

While we do feel the aforementioned concerns need to be resolved, there’s little doubt in our mind that blockchain technology will play a major role in future identity authentication solutions.

Nena Vuckovic, Blockchain expert and CEO at TheBlockBox, is certainly among the believers in blockchain authentication:

“Of all the potential adoptions of blockchain technology, identity authentication poses an almost ideal hand-in-glove fit. All the issues commonly associated with online authentication are so perfectly patched by blockchain’s features that it’s only a matter of time before we start seeing mass adoption. And, when that moment comes, the way we use the Internet will be in for nothing short of a true revolution.”

Done right, a blockchain-based authentication system could significantly lower the number of identity theft and data breach incidents, if not completely eradicate them. It could also empower us with something we’ve never really had before – secure and cost-efficient self-sovereign digital identities, controlled solely by identity owners themselves.