In today's digital environment, security concerns abound. Existing identity models rely on a third party to store our personal information. In the first blog in this series we discussed the federated model, where the federation needs to accommodate hundreds or thousands of members and security falls to the lowest common denominator, which in some cases is less than satisfactory.
This is the way
Decentralized identity leverages cryptography to solve many of today's security problems. A DID is secured by cryptographic keys, which allow an entity to prove control or ownership of that DID with a digital signature.
If an entity cannot produce a valid signature for its DID, authentication fails: there is no way to establish who is in control. That loss of integrity invalidates the credentials associated with the DID, because ownership can no longer be demonstrated.
For example, if someone stole your credit card credential and tried to make a purchase but could not sign the transaction with the key, the transaction would not be processed. Cryptographic keys are robust and provide a level of security that today's digital world cannot achieve.
This level of security is unavailable in the identity world we navigate today. No matter how secure we try to make the existing ecosystems, the effort will not make a meaningful difference. The foundation of the identity models we use today is crumbling, and no amount of hotfixes will address the underlying issues.
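As an added example (not code from the original post), the challenge-response flow described above in Go: a holder proves control of a DID by signing a verifier's one-time challenge, and the verifier resolves the DID to its public key and checks the signature. The DID document shape, the did:example method and the in-memory registry are simplified assumptions for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// DIDDocument is a constructed, minimal stand-in for a real DID document:
// the DID plus the public key that controls it. registry stands in for
// DID resolution (a ledger, a did:web host, and so on).
type DIDDocument struct {
	ID        string
	PublicKey ed25519.PublicKey
}

var registry = map[string]DIDDocument{}

// CreateDID mints an Ed25519 key pair and publishes the public half under a
// DID; "did:example" is a placeholder method, not a registered one.
func CreateDID(name string) (string, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil { panic(err) }
	did := "did:example:" + name
	registry[did] = DIDDocument{ID: did, PublicKey: pub}
	return did, priv
}

// ProveControl is the holder's side: sign the verifier's one-time challenge,
// bound to the DID so the signature cannot be replayed for another DID or session.
func ProveControl(did string, priv ed25519.PrivateKey, challenge []byte) []byte {
	return ed25519.Sign(priv, append([]byte(did+"|"), challenge...))
}

// VerifyControl resolves the DID and checks the signature with its public key;
// anyone without the private key, e.g. a thief with a copied credential, fails.
func VerifyControl(did string, challenge, sig []byte) bool {
	doc, ok := registry[did]
	if !ok { return false }
	return ed25519.Verify(doc.PublicKey, append([]byte(did+"|"), challenge...), sig)
}

func main() {
	did, priv := CreateDID("alice")
	_, thief := CreateDID("mallory") // a different key pair
	challenge := []byte("one-time nonce from the verifier") // constructed
	fmt.Println("holder:", VerifyControl(did, challenge, ProveControl(did, priv, challenge)))
	fmt.Println("thief: ", VerifyControl(did, challenge, ProveControl(did, thief, challenge)))
}
```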
No knowledge facts
Another security feature is specific to the information on a credential: a method to prove a fact on the credential without disclosing it. This cryptographic proof is called a Zero-Knowledge Proof (ZKP). There is a lot of mysticism about ZKPs as a solution to every problem; this is false. We discussed ZKPs in depth in the SSI Fundamentals IV: Verifiable Credentials blog; we invite you to read more about them there.
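As an added illustration (not from the original post or the referenced SSI Fundamentals IV blog), the simplest zero-knowledge proof: a Schnorr proof of knowledge on P-256, made non-interactive with Fiat-Shamir. The verifier learns that the prover holds the private key behind a public point and nothing about the key itself; the session context value is an assumption. The predicate proofs used on credentials (proving "over 18" without revealing a birthdate) come from the same family of sigma protocols but are considerably more involved.

```go
package main

import (
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"math/big"
)
var curve = elliptic.P256()
// Proof is a non-interactive Schnorr proof: commitment R = r*G and response s.
type Proof struct{ Rx, Ry, S *big.Int }
// challenge derives c = H(R || P || context) mod n (Fiat-Shamir); the context
// binds the proof to one verifier session so it cannot be replayed elsewhere.
func challenge(rx, ry, px, py *big.Int, context []byte) *big.Int {
	h := sha256.New()
	h.Write(elliptic.Marshal(curve, rx, ry))
	h.Write(elliptic.Marshal(curve, px, py))
	h.Write(context)
	return new(big.Int).Mod(new(big.Int).SetBytes(h.Sum(nil)), curve.Params().N)
}

// Prove shows knowledge of the secret x behind P = x*G without revealing x.
func Prove(x *big.Int, context []byte) Proof {
	n := curve.Params().N
	px, py := curve.ScalarBaseMult(x.Bytes())
	r, _ := rand.Int(rand.Reader, n) // fresh nonce per proof; reusing r leaks x
	rx, ry := curve.ScalarBaseMult(r.Bytes())
	c := challenge(rx, ry, px, py, context)
	s := new(big.Int).Mod(new(big.Int).Add(r, new(big.Int).Mul(c, x)), n)
	return Proof{rx, ry, s}
}

// Verify checks s*G == R + c*P using only the public point P and the proof.
func Verify(px, py *big.Int, context []byte, p Proof) bool {
	if !curve.IsOnCurve(p.Rx, p.Ry) { return false }
	c := challenge(p.Rx, p.Ry, px, py, context)
	lx, ly := curve.ScalarBaseMult(p.S.Bytes())
	cx, cy := curve.ScalarMult(px, py, c.Bytes())
	sx, sy := curve.Add(p.Rx, p.Ry, cx, cy)
	return lx.Cmp(sx) == 0 && ly.Cmp(sy) == 0
}

func main() {
	x, _ := rand.Int(rand.Reader, curve.Params().N)
	px, py := curve.ScalarBaseMult(x.Bytes())
	session := []byte("verifier-session-42") // constructed session identifier
	proof := Prove(x, session)
	fmt.Println("accepted:", Verify(px, py, session, proof), " replayed:", Verify(px, py, []byte("other"), proof))
}
```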
Data
How data is handled and stored today is a significant problem. Centralized storage can lead to breaches; we saw this happen to Equifax in 2017, when 143 million US-based consumers had their personally identifying information exposed. It is worth mentioning that services like this are third parties, and consumers have no choice about whether their data is shared with them.
Centralized data hubs are a prime target because of their size. It is the equivalent of throwing a net into a pond at a fish farm: the odds are heavily in the attacker's favor, and the catch will most likely be a multitude of fish, not just one. This is one of many methods bad actors employ to get their hands on data. Why would someone go through all of this effort? Because data is precious. "Data is the new gold" is a statement casually tossed around, but it is true. People and companies would not want it if it had no value.
Decentralizing identity removes central data storage. Credentials live between the holder and the issuer, in their respective wallets. A user can share a credential that contains personal or identifying information with another party, but the user controls the flow of information.
A caveat is that a verifier can ask a user for any information. The question that needs careful thought is what kind of information verifiers should request. Does it make sense for a retailer to ask for health records, a government ID, or a tax ID? Probably not. This line of questioning is a small preview of the next blog in this series, on trust, where we will flesh out these ideas in depth.
Risks
Security is risky no matter how you slice it. Not having it increases risk, but high security can also be problematic. Many businesses use cards to access their facilities, which is sufficient. However, someone who loses their card can no longer access the building and must go to the security office to have the old card deactivated and a new one issued.
DIDs rely on the cryptographic keys associated with them. If those keys are lost, the DID effectively becomes useless. DIDs, their keys, and verifiable credentials are stored in digital wallets, similar to a cryptocurrency wallet. The most significant difference between the two is that an identity wallet stores its contents locally, not on the blockchain, so recovering a wallet does not rebuild its contents.
This problem could be resolved by backing up your wallet to a secure file locally or to a centralized service like Dropbox. It is not perfect, but it illustrates the security trade-off. With low security, as today, it is easy for identity thieves to run rampant. In a high-security world, the issue becomes user-centric: the individual is responsible for keeping backups of their own data.
As previously mentioned, self-sovereign identity (SSI) shifts control to the user, moving more control, ownership, and responsibility back to users. Sure, there are risks involved; however, many would prefer to own that risk than hand it off to a third party.
Conclusion
No solution is perfect. Decentralized identity may be the best solution when rooted in the principles of SSI. It comes with a lot of individual responsibility, which can be scary. That is a justified concern but a manageable one. People working on wallets are exploring various methods of restoring a wallet's contents, and many new and innovative protocols are being explored to make recovery secure while preserving a good user experience.
Security is always a delicate balance. We have seen the risks of low security in data breaches. On the other hand, losing all credentials in a highly secure environment is also a risk. Restoring this information would be as painful as it is today, having to reconnect and have credentials reissued. As long as the risks are clear and there are protocols in place for recovery, the risks are manageable. As Spider-Man learned from Uncle Ben, "with great power comes great responsibility."
Next up in our SSI Fundamentals series is all about trust. It is a compelling and in-depth topic that requires a thoughtful and delicate approach to establishing trust in a digital ecosystem.