The World Wide Web was originally designed to be transparent, inclusive and accessible to all. However, as technology progressed, the original vision was largely abandoned, leading to an overly centralized online ecosystem.
Web 2.0, the version of the Internet we currently live with and are most familiar with, has some drawbacks that we rarely discuss. Most of these problems stem from the fact that most Web 2.0 relies on digital identifiers.
But what are these ‘digital identifiers’ and why are they important?
In the simplest terms, digital identifiers are used by third-party service providers to validate a user’s identity. These are mainly operated by major technology companies such as Facebook, Google, Amazon, network operators, email service providers and other online platforms that give users access to the world wide web.
A common example of digital identifiers is the OAuth2 option, which almost everyone uses. You will be asked to register when you want to access a new platform, such as an eCommerce store or a social media app. To make registration easy for users, many platforms use OAuth2 – the feature that allows users to register directly through their existing Google or social media accounts.
The data privacy issues surrounding web2-based credentials
On the one hand, Web 2.0 based features like OAuth2 have certainly made life easier for the end users. But at the same time, our reliance on these centralized platforms has created significant data privacy issues.
The data collected by these centralized platforms is usually stored on centralized servers, making it an easy target for hackers. Since users have no control over their data stored on these servers, data can be easily misused, often without the user’s consent. In recent years, there have been thousands of cases where hackers have leaked tons of Personally Identifiable Information (PII), leading to crimes such as identity theft, money transferring, targeted ransomware attacks and many more.
Although several attempts have been made to resolve this issue, no Web 2.0 solution exists to date. That said, the situation is poised for a drastic change. Leveraging the power of blockchain, several promising solutions offer a new feature called decentralized identifiers (DIDs), designed to restore full control of data to users while maintaining data privacy and high-level security.
Redefining data boundaries with decentralized identifiers
New solutions that allow anyone to prove their identity online without relying on centralized organizations are already disrupting the Web2 approach. These efforts have led to the idea of ’decentralized identity’ or DID, a disruptive approach to identity and access management (IAM ).
The most valuable goal of decentralized identities is to establish global standards that allow all Internet users to effectively control which online applications and services can access their personal information. In addition, it also helps limit the amount of PII that is shared with apps and services.
by the World Wide Web Consortium (W3C)“A Decentralized Identifier (DID) is a new type of identifier that is globally unique, highly available resolvable, and cryptographically verifiable. DIDs are typically associated with cryptographic material, such as public keys, and service endpoints, for establishing secure communication channels. DIDs are useful for any application that takes advantage of self-managed, cryptographically verifiable identifiers such as personal identifiers, organizational identifiers, and identifiers for Internet of Things scenarios.”
To clarify: DIDs exchange information on a peer-to-peer (P2P) basis. No central intermediary stores personal data or facilitates the exchange of data. Because the exchange takes place directly between the sender and the receiver, DIDs are much more secure than existing identifiers.
The best thing about DIDs is that there is no limit to the amount. Different identifiers can be used for different applications and services, reducing the chance of snooping through personal information. In addition, DID users can control the size of the shared data or restrict access as and when needed.
Imagine a scenario where a certain application asks to verify the age. Web2-powered identifiers require users to share all relevant and requested information. But with a DIS, users simply prove their age without even revealing a date of birth.
An example of such a blockchain-based platform leading the way in mainstream use of DIDs is: KILT protocol† Developed by BOTLabs GmbH, KILT is a fully decentralized, open-source protocol that allows users to represent and prove their online identity without disclosing personal information that they wish to keep private.
The KILT team recently launched its flagship solution called SocialKYC, a decentralized identity verification service that allows users to manage, store and share specific personal information to access online services themselves. While the service currently works with Twitter and email, the KILT team is expanding its use to other prominent social media platforms such as Twitch, Discord, Github, TikTok, LinkedIn, and others.
With Web 3.0 upon us, DIDs will play a key role in ensuring that users (and entities) are no longer subject to the whims and fantasies of centralized intermediaries. DIDs are poised to change the way we’ve used the internet until now, finally giving us back full control over our personal data.