Decentralized identity: blockchain-powered identity for the age of the internet
|Get all the essential market news and expert opinions in one place with our daily newsletter. Receive a comprehensive recap of the day's top stories directly to your inbox. Sign up here!|
(Kitco News) - The promise of blockchain technology expands far beyond crypto speculation and digital stores of wealth as there are a wide variety of applications in everyday life, from identity verification to secure database management.
Last Thursday, the Polkadot ecosystem announced that Deloitte had become the latest major enterprise partner to work with a project in the network, specifically KILT Protocol, a project that is focused on providing digital identities.
According to the announcement from KILT, Deloitte Consulting AG has integrated with KILTs blockchain technology for issuing reusable digital credentials to support KYC and KYB processes. “These credentials have multiple use cases including regulatory compliance for banking and Decentralized Finance (DeFi), age verification for e-commerce, private logins and fundraising,” the announcement said.
At the recent Consensus conference held at the end of April, Kitco Crypto sat down with Ingo Rübe, the founder of KILT Protocol and CEO of BOTLabs GmbH, the initial developer of KILT, to learn more about decentralized identity and how businesses can utilize the technology moving forward.
Rübe said that KILT is a layer-one blockchain and parachain within the Polkadot ecosystem that has one single function: digital identity.
What is a decentralized identity?
While many blockchains strive to do everything, from smart contract support to hosting a variety of decentralized applications related to DeFi and NFTs, KILT harnesses the collaborative power of the Polkadot Parachain to focus on digital identity.
“What it can do is it can provide DIDs, which are decentralized identifiers, and it can provide verifiable credentials,” Rübe said. “Together, these things generate decentralized identity.”
Decentralized identity is somewhat similar to what we have currently in the physical world, Rübe said, because it's based on identifiers like your face, fingerprint, or signature. “Those things are absolutely decentralized because they belong to you, they're not given to you by the government or by a company or organization. It's just yours, 100% yours.”
In the physical world, you receive credentials from trusted entities, like a degree from a university or a passport from a government, and these credentials refer to one of your identifiers, he said. Your passport, for example, has a picture of your face on it so the two things can be connected.
These credentials are issued by a trusted entity but controlled by the individual, meaning you decide when to show them, where to show them, and to whom to show them – without the issuing entity knowing who you have shown them to – which makes them decentralized, Rübe explained. “So, for the last 500 years, we had quite a perfect system for our identity – then came the internet.”
This led to the creation of “big data” and “big identity” players who control 100% of your identity, he said. “They control your identifiers because [the identifiers] are inside their database and they control your credentials because they are inside their database. They can switch you off and they can do whatever they want with it, which is wrong and potentially pretty dangerous.”
This state of affairs led to firms like Microsoft, IBM, and Kilt deciding in 2017 that something needs to be done, and over the next five years, they developed standards for data distribution services and verifiable protections.
Kilt specializes in implementing these standards in a decentralized setting. “You can use decentralized identity for everything where you would use your physical identity,” Rübe said. “You can use it for access control into buildings, logging into websites… there’s basically a ton of use cases, even some that we can’t imagine yet.”
DID use cases
One example Rübe gave was a hospital that wanted to sign its research work before it was published and needed a timestamp on the blockchain to do it. “We built an application for that project, and it worked,” he said.
DIDs can also be attached to all manner of objects or assets, such as freshly mined gold ore that is en route to processing and refinement, enabling it to be recorded and tracked on the blockchain.
Rübe went on to note that governments have also shown interest in and understand the concept of verifiable credentials, but they “are not very thrilled about the DID because they think that they own the identity today, so they should own the identity in the future.”
“But this is wrong because they don’t own the identifiers. I own my identifiers and not the government,” Rübe said. “The government today just gives me a verifiable credential. So also in the digital world, the government should be an entity that is trusted and issues verifiable credentials.”
He warned that a future where governments control your identity is one where they can switch off your identity if you do something that they disagree with. “When digital identity gets more and more use cases, such as in healthcare and banking, and you do something that displeases the government, they could, with just one click, switch off your identity. You are basically digitally dead,” he said. “ I don't want the government having this ability.”
KILT specializes in making the infrastructure upon which companies can build their own identity systems. One potential application is the creation of “social KYC,” which verifies that you are the one in control of certain social media accounts, like Twitter, GitHub, Discord, etc. The KYC system would challenge you to demonstrate that you control each account, and once you pass the challenge and have proven you really control the account, you would receive a credential.
“This credential is then put into your identity wallet,” Rübe explained. “You control it, and can use it to verify your identity in the future. And we can have 10 of those credentials. This makes it much more certain that you are actually who you say you are.”
He then touched on the forthcoming announcement from Deloitte, saying that in the following week, there will be an internationally recognized KYC provider that will unveil an identity solution based on KILT. “You can have your identity verified with this KYC provider, and they will give you another credential that you can use, for example, to participate in an initial coin offering (ICO) or open a bank account.”
|TransUnion to provide credit ratings to DeFi lenders|
Risk of DID theft
On the topic of identity theft, Rübe said the risk of someone accessing and using your decentralized identity is low because, similar to the physical world, identifiers such as your picture will be attached to allow for proper verification when a DID is used. “Signing with the DID is like taking your face and putting it alongside your signature,” he said. “A thief would have to have access to the DID and to the verified credentials at the same time.”
This is where blockchain technology plays a crucial role in the process. “The validity of any credential is saved on the blockchain and can be changed by the issuer,” he said. “That means that if I have a verified credential and I lose my DID because it got compromised, and I lose my verified credential at the same time, and someone gets access to both of them, I can still call the issuer and ask them to invalidate my credential.”
This capability was noted in the KILT-Deloitte partnership announcement. “Credentials are digitally signed by Deloitte,” it stated. “Deloitte can revoke credentials using blockchain technology if conditions of the customer have changed after the credential was issued.”
Why KILT chose to build in the Polkadot ecosystem
When asked why KILT selected the Polkadot ecosystem to build its protocol, Rübe said a major factor was the variability in transaction costs on Ethereum “which the industry can’t cope with.” Attaching a DID to something that has a production cost of $2, but having to spend $1 one day and $20 another day to complete the same process is unfeasible, he said.
“The only way to have stable prices is to run your own blockchain,” he said. “So the decision was made to launch a level-one blockchain.” Being a part of the Polkadot ecosystem means that KILT can leverage other parachains to do things like host smart contracts and DeFi platforms, leaving KILT to focus specifically on decentralized identity.
“The fundamental idea of Polkadot is one of cooperation, collaboration, and lack of competition in other networks,” he said. “We are not competing for computing resources. We all have our own computer, and this enables us to collaborate and make the ecosystem better. We just focus on one thing – identity. And this works together with all the other Polkadot parachains. Forced collaboration is much better than competition.”