When Anonyome Labs’ CTO and co-CEO Dr Paul Ashley spoke to Anonyome Labs’ Privacy Files podcast about the hottest topic in privacy right now, decentralized identity, he left the audience with 5 aha! moments.
If you haven’t heard, decentralized identity is a new fully digital, universally accepted way of identifying ourselves online (e.g. to a web site or app) and in real life (e.g. at a bar or border crossing).
Decentralized identity (DI) is the most important privacy innovation of the decade and it’s here now—and that was the first aha moment from Dr Ashley:
Aha 1: DI technology is ready for your business application.
On the podcast, Dr Ashley told co-hosts Rich and Sarah that hundreds of applications of the groundbreaking DI technology are already springing up around the world and across many industries, particularly travel, health, banking, licensing and certification.
“It’s really been the last 12 months where we’ve seen it take off. We’re at the crest of the wave,” Dr Ashley said.
And it’s easy to get started, Dr Ashley said: “DI is quite simple for organizations to set up. Anonyome Labs has verifier and issuer providers, and we can run [applications] in the cloud because we’re a SaaS provider. We also provide a DI Wallet for users.
“Organizations just do a little application work around what [information] to ask the user for, but it’s not a big load for an organization to become an issuer or a verifier. You’ve just got to be able to control the issuer or verifier software. It’s not a big burden for the user either, they just need to get a wallet.”
- Understand more about the technology in our whitepaper, Innovating Identity and Access Management with Decentralized Identity.
- Get more advice on getting started with DI here.
- Discover how to quickly take DI to market using Anonyome Labs’ Sudo Platforms APIs.
Aha 2: Verifiable credentials will drive DI’s applications across the internet.
DI’s superpower is it allows a user to selectively disclose their personal information to an organization that is requesting proof of their identity.
Dr Ashley told Rich and Sarah that verifiable credentials are making this selective disclosure of personally identifiable information (PII) possible and will make DI ubiquitous across the internet within the next decade. He pointed out the rise of verifiable credentials has led to the widespread need for an identity wallet, a massive growth area in privacy and identity management.
Dr Ashley told Rich and Sarah a verifiable credential is really a digital copy of a paper or plastic identity document (e.g. license). It can’t be faked because it’s cryptographically protected. The issuer, holder and verifier can confirm who created the verifiable credential, and it can’t be changed. The verifier can also tell whether the verifiable credential has been revoked. The user holds the verifiable credential in their digital identity wallet.
It works like this:
“The verifier, such as a bar, knows it’s real data; the user is confident they’ve only shown the information they’re comfortable or need to show.
“Standards define the wallet and also what the issuer will do and what the verifier will do. The verifier should just be able to connect to the standard tech to accept the digital identity (verifiable credential),” Dr Ashley explained.
Aha 3: The technology is extremely well designed for security and privacy.
Dr Ashley, who’s spent 25-plus years in the privacy and security space, says: “There’s been a decade of work before the projects the world is looking at now. I have rarely ever seen a technology that has been so thoughtfully designed as this from a security and privacy point of view,” Dr Ashley says.
Dr Ashley points out that data brokers won’t want DI to take off and that includes the Googles and Metas of the world, as well as the smaller data brokers: “That industry will push back [because] DI will swing back the privacy pendulum more towards the user,” he said.
Dr Ashley also explained on the Privacy Files podcast that Anonyome Labs, a leader in DI technology, got into the nascent space from the privacy perspective: “DI is about digital identities that the user can manage and control rather than somebody else,” he says.
Blockchain is the anchor of trust for decentralized identity, and “DI is the ultimate blockchain technology,” Dr Ashley said.
DI will mean a passwordless future, connecting from a digital wallet to a system to access that system.
“With DI, there’s no one place you can go where all the data is sitting and can be accessed, so there are a lot of security and privacy aspects to the DI approach that you just don’t get with the centralized approach,” Dr Ashley said.
“Centralized databases are the classic honeypot for a hacker. DI makes hacking a much more difficult proposition. DI is much less attractive for hackers and also for data brokers wanting to exploit your data,” Dr Ashley says.
Aha 4: DI presents many opportunities for making money.
Dr Ashley said there are at least three models for monetizing opportunities in DI:
- Verifier paying the issuer model (e.g. employment agency pays a university to get proof of a job applicant’s credential.)
- User paying the issuer model (e.g. The student pays the university to get their credential proving their degree completion.)
- Verifier paying the user model for access to their data (e.g. a shopping site pays the user for identity verification information such as age verification).
Dr Ashley said projects in DI are about getting better data or getting it in a low-cost way and enterprises could use DI to move trusted data between a network of parties (e.g. banks or farms etc.). “There are a lot of cost savings from this reduced process,” he said.
Aha 5: Use cases for DI technology are virtually endless, across all industries.
Dr Ashley told Rich and Sarah that the number one decentralized identity scenario is travel: “Digital passports, visas, vaccine certificates, all in a wallet as verifiable credentials the traveller can take from country to country. With decentralized identity, you’re now taking trusted information across borders,” Dr Ashley said.
Some other big use cases we’re already seeing for DI, according to Dr Ashley, are digital driver licenses, event ticketing, certifications in the building or farming industry—”anywhere you need verifiable data to pass between one entity to you to another entity.”
“It’s a very good way of getting high integrity data,” Dr Ashley said.
When podcast co-host Rich raised the question of whether DI still gives off some kind of digital exhaust, Dr Ashley agreed, but gave an example to ease concerns.
“Yes, but take the government example. I think the government’s place in this is as an issuer or verifier of a credential. There’s nothing wrong with a DMV issuing you a digital driver license. Government has a place in it but they don’t own the digital identity. The user owns the credential [digital identity]. Government is just a player like everyone else,” Dr Ashley said.
“Government is just a player like everyone else.”Dr. Paul Ashley
As for what a digital wallet will look and feel like? “It will be an app just like MySudo is an app,” Dr Ashley said. As such, it’ll be important to backup a digital wallet app, just like any other app.
And what about when decentralized identity technology will be widely available?
“It’s not in the public domain yet, because it’s mainly networks of systems (e.g. travel or farm or health) that are exploring it and implementing it. It hasn’t got general use yet. Groups of organizations are putting systems in place and if you’re part of that, you’ll get a wallet and get underway,” Dr Ashley said. Noting it’s “not too far away” for the public.
“It will take time to roll out but there’s a great lot of opportunity and benefits for users and organizations as well,” Dr Ashley said.
Dr Ashley closed out the podcast episode by repeating his earlier assertion: “Decentralized identity is a key technology for privacy for the next decade.”
Get involved today. Explore Sudo Platform for quickly taking DI products to market.
Privacy Files is Anonyome Labs’ podcast for making privacy approachable for businesses and consumers.