Privacy & Security

Why We Need Decentralized Identity

Decentralized identity is a new approach to user identity on the Internet. It is a set of emerging technologies, standards, and protocols for giving users back their privacy. It is alternatively known as ‘self-sovereign identity’ or ‘self-owned identity’—and is the future for privacy and security online.

Given the alarming statistics, current methods for managing identity on the Internet are clearly failing, exposing users to surveillance, personal data exploitation, identity theft, and financial fraud. While the original Internet provided the protocols and standards for networked communication, identity was never a major consideration beyond simple user authentication with username and password. As the world wide web emerged and the application ecosystem grew, services were offered as ‘free’ to users and monetized through advertising. Data became the currency of service providers and data collection become the business imperative. 

Without proper privacy protection methods, users are left with little means of protecting their data or controlling how it is mined, refined, correlated, and sold. Ever-increasing stores of collected data have become major targets for theft and malicious exploitation by criminals. Decentralized identity gives users a better way to protect their personal information in this environment.

Here’s how identity management on the internet currently works: When a user creates an online account, they typically provide a name, email address and sometimes a phone number. Most users provide the same set of identifying information to every online service they access, easily enabling data brokers to create detailed profiles that trace back to the user’s personal identity. In many cases, this data correlation is used to improve targeted advertising, but often it is used for financial and identity fraud. To mitigate these risks, digital identities can be used with all online services. 

A digital identity, like Anonyome Labs’ market leading Sudo, has attributes that are distinct from a user’s personal identity, such as a customizable name, email address or phone number. Using a separate digital identity for different activities helps users compartmentalize their data, thereby minimizing the data build-up around their personal identity. This helps protect them from surveillance, personal security threats, and the likelihood of identity and financial fraud. 

For even better personal privacy protection and security, digital identities can be decentralized. In traditional centralized and federated identity architectures, identities are created, stored, and managed by the service they’re associated with. This enables the service to control and exploit the identity information without the user’s knowledge. On the other hand, in decentralized architectures, a user creates, stores, and manages their own identities, optionally sharing them with other services or directly with other users. A decentralized identity is anchored to a public blockchain (or distributed ledger), making it verifiable by third parties, and without the need for those third parties to know and store identity attributes. This paradigm allows the user to retain full control of their own digital identities, including how much of their personal information is exposed in any interaction.

Photo by Tom Barrett on Unsplash