Leveraging blockchain to decrease data breaches, increase security

Originally posted in AnswersOn


In the not-too-distant future, blockchain will get personal - very personal. That's a good thing when it comes to the integrity of your digital identity.

The Internet is a complex space for identity management. Every site has a login and password, and those sites which have federated their login credentials have become massive targets for hackers. In addition, the largest institutions charged with holding onto private information have become single points of failure; e.g. Equifax and the federal government’s Office of Personnel Management (OPM). As the security breaches have grown in size, so too has the importance of finding a new solution for protecting data in our always-connected world.


The solution will soon be in our hands

In the not-too-distant future, you will have a digital wallet containing hundreds or thousands of Decentralized Identifiers (DIDs). DIDs are described as a new type of globally resolvable, cryptographically verifiable identifier registered on a distributed ledger. These will be unique, encrypted addresses that each of us holds in a mobile app to verify something about us; e.g. our age, height or even personal preferences. They will be granted by a trusted source, but we will hold on to them privately and have complete control over them. As the Sovrin Foundation explains, “The next evolution of the Internet will be the creation of a common identity layer that allows people, organizations and things to have their own self-sovereign identity—a digital identity they own and control, and which cannot be taken away from them.” This monumental shift, enabled through the use of blockchain, will move ownership of identity from traditional large organizations like Equifax into private hands.

How will DIDs work?

I would expect that in the next five to 10 years, everyone in the United States will be issued a new national identification number to replace our current social security number. As you can see in the above graphic, an agency such as the Department of Homeland Security (DHS) will issue this new number. The agency will confirm that the person making the claim is who he or she claims to be, and issue a DID with a private key (for the holder's eyes only) and a public key (for anyone to verify the ID), which the person holds in his or her digital wallet. The DHS will also register proof of claim integrity on the permissioned blockchain (a vetted private blockchain). Going forward, when requested, the person can present his or her digital identification (public key) to the verifier (Border Patrol, an employer, IRS), who can then validate the claim’s integrity through the secured blockchain registry. Most of these exchanges of information will use a QR code so the DID can be scanned with ease. This new verification system will create significant efficiencies and will be much more secure.
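The registry check described above can be sketched as follows. This is an added example, not code from the original post or from Sovrin: an in-memory hash chain stands in for the permissioned blockchain, the key pair is left out so that only the claim-integrity step is shown, and the names `Ledger`, `issue`, `verify` and the `did:example:` identifiers are hypothetical.

```python
import hashlib, json, secrets

def h(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def commit(claim: dict, salt: str) -> str:
    # Salted digest: the ledger holds proof of integrity, never the claim itself.
    return h((salt + json.dumps(claim, sort_keys=True)).encode())

class Ledger:
    """Toy stand-in for the permissioned blockchain: an append-only hash chain."""
    def __init__(self):
        self.blocks = []

    def register(self, did: str, commitment: str) -> None:
        prev = self.blocks[-1]["hash"] if self.blocks else "0" * 64
        body = {"did": did, "commitment": commitment, "prev": prev}
        self.blocks.append({**body, "hash": h(json.dumps(body, sort_keys=True).encode())})

    def intact(self) -> bool:
        # Recompute every block hash and back-link; any edit breaks the chain.
        prev = "0" * 64
        for b in self.blocks:
            body = {"did": b["did"], "commitment": b["commitment"], "prev": b["prev"]}
            if b["prev"] != prev or b["hash"] != h(json.dumps(body, sort_keys=True).encode()):
                return False
            prev = b["hash"]
        return True

    def lookup(self, did: str):
        return next((b["commitment"] for b in reversed(self.blocks) if b["did"] == did), None)

def issue(ledger: Ledger, claim: dict) -> dict:
    """Issuer: mint a DID, register the commitment, return the wallet entry."""
    did = "did:example:" + secrets.token_hex(8)  # constructed identifier
    salt = secrets.token_hex(16)
    ledger.register(did, commit(claim, salt))
    return {"did": did, "claim": claim, "salt": salt}

def verify(ledger: Ledger, presented: dict) -> bool:
    """Verifier: accept only if the chain is intact and the commitment matches."""
    if not ledger.intact():
        return False
    expected = ledger.lookup(presented["did"])
    return expected is not None and secrets.compare_digest(
        expected, commit(presented["claim"], presented["salt"]))
```

The verifier rejects an altered claim, an unregistered DID, and any presentation made after a ledger record has been edited, because the recomputed block hash no longer matches.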


Eventually, this will be expanded beyond government-issued identifiers, though at MIT Sovrin, it was mentioned that the IRS is looking at this solution now. You will soon have DIDs for anything you normally use logins and passwords for on websites, as well as for access to your house and starting your car. Anything that requires a key or login now will leverage this new technology. Self-sovereign identity flips the old model of control from central authorities, or single points of failure, to individuals.