What is decentralized identity in blockchain?

What is a decentralized identity in a blockchain?

Sovereign self-identity is a concept that refers to the use of distributed databases to manage personally identifiable information.

The idea of ​​self-sovereignty (SSI) is at the core of the idea of ​​decentralized identity. Instead of having a set of identities across multiple platforms or a single identity managed by a third party, SII users have digital wallets in which different credentials are stored and accessed through trusted applications.

Experts distinguish three main components known as the three pillars of SSI: the blockchain, verifiable credentials (VCs) and decentralized identifiers (DIDs).

Blockchain is a decentralized digital database, which is a ledger of transactions copied and distributed among network computers that records information in such a way that it is difficult or impossible to change, hack or cheat.

Second, VCs are referred to as cryptographically secured and verified credentials that implement SSI and protect users’ data. It can represent information in paper credentials, such as a passport or license, and digital credentials without a physical equivalent, such as, say, bank account ownership.

And last but not least, SSI includes DIDs, which are a new type of identifier that enables users to obtain a decentralized digital identity that is verifiable through cryptography. DID refers to any subject such as a person, organization, data model, abstract entity, etc., as defined by the DID controller. It is user generated, user owned and independent of any organization. Designed to be separated from central records, identity providers and certification authorities, DIDs enable users to establish control over their digital identity without the need for permission from any third party.

Besides SII, which is rooted in blockchain, DIDs, and VCs, the decentralized identity architecture also includes four other elements. They are the holder that creates a DID and receives the verifiable credentials, the issuer who signs a verifiable credential with their private key and issues it to the owner, and a validator that verifies the credential and can read the issuer’s public DID on the blockchain. Moreover, the decentralized identity architecture includes special decentralized identity wallets that feed the entire system.

How does a decentralized identity work?

The basis of decentralized identity management is the use of crypto-decentralized wallets based on a blockchain.

In a decentralized identity framework, users use decentralized identity wallets – special applications that allow them to create their own decentralized identifiers, store their personally identifiable information and manage VCs – rather than keeping identity information on many websites controlled by intermediaries.

Besides the distributed architecture, these decentralized identity wallets are encrypted. Passwords to access them are replaced with non-fraudulent encryption keys which are not a single weak point in the event of a breach. A decentralized wallet creates a pair of cryptographic keys: public and private. The public key identifies the concrete wallet, while the private key, which is stored in the wallet, is required during the authentication process.

While decentralized identity wallets transparently authenticate users, they also protect users’ communications and data. DApps only store personally identifiable information, verified identity details, and information needed to establish trust, prove eligibility, or complete a transaction. These wallets help users grant and revoke access to identity information from a single source, making it faster and easier.

Moreover, this information in the wallet is signed by several trusted parties to prove its accuracy. For example, digital identities can obtain approval from issuers such as universities, employers, or government structures. With a decentralized identity wallet, users can provide proof of their identity to any third party.


#decentralized #identity #blockchain

Leave a Comment

Your email address will not be published. Required fields are marked *