Imagine a world in which you always have peace of mind that your personal information is safe. Imagine a world in which your information cannot be shared without your clear, explicit consent at the time of the transaction; where you decide who can access what information, when, and for how long. In this world, you can even later choose to revoke that privilege. You are in control. Every person, organization, or thing can have its own truly-independent digital identity that no other person, company, or government can take away.
Today, we are not in control of our identity. Our personal information lives in centralized repositories outside of our control. Information is often shared without our awareness. On a daily basis, we see stories of security breaches and identity theft that erode our confidence and trust.
At IBM we are focused on leading a global shift to decentralized identity that is built on blockchain technology. Blockchain provides distributed ledger technology as the foundation for decentralized identity. In this solution, trust is not rooted in any single point of control but is shared across participants in a network where each person has varying degrees of permission to view data.
Beyond just the technology, however, we must work as a community to establish standards and evolve regulations to work in a decentralized world.
That is why today we are excited to announce IBM has joined the Decentralized Identity Foundation (DIF) as a complement to our current stewardship in the Hyperledger Project. Today, the Hyperledger Project has also announced that they are joining DIF as we together join like-minded organizations such as Microsoft, Evernym, the Sovrin Foundation, and others who aspire to make the vision of self-sovereign identity a reality.
IBM joined DIF because we believe it will take open community and standards to achieve the vision of self-sovereign identity. For example, members of DIF are focused on the establishment of an open web platform standard within the W3C standards organization called Decentralized Identifier (DID). A DID will provide a standard global resource naming scheme for identity.
There is a global Internet standard for naming resources called a uniform resource identifier or URI. When you type https://www.ibm.com into your browser, a URI ensures you always end up at IBM’s website. Similarly, we need one standard to identify an individual, as well.
In addition to a distributed ledger and global standards, one of the most significant contributions of blockchain based identity management will be to enable verifiable claims. Verifiable claims are tamper-proof, cryptographic statements of truth. For example, let’s say “Sam” is applying for a car loan with “Acme Bank.” The Bank needs to know that Sam is trusted and can afford the car. Today, he would fill out a loan application and provide his personal information. In the new world of self-sovereign identity, this is no longer necessary. If Sam’s employer is a provider of verifiable claims in the blockchain identity network, the employer can attest that Sam is employed with them and makes more than $50,000 a year.
Since he does business with three other banks and these banks are also providers on the network, he can give consent for his employers and the three banks to validate his claim with Acme Bank. Acme can issue a new loan to Sam with minimal information all shared with Sam’s explicit consent. Using this process not all personal information needs to be shared, such as his exact salary, instead, the network validates that it is above a certain threshold.
Today, we are at a transformative juncture in personal identity made possible by blockchain and open standards through the work of organizations like DIF and the Hyperledger Project. IBM is already pioneering new digital identity and attribute sharing networks built on open standards through our partnership with SecureKey.
We are currently piloting a network in Canada designed to make it easier for consumers to verify they are who they say they are, in a privacy-enhanced, secure and more efficient way using the IBM Blockchain Platform.
Identity and control of personal identity is top of mind, given recent events as well as the European Union’s General Data Protection Regulation (GDPR). A lot of our identity is shared without our explicit consent, gets stored in locations we are unaware of, and when compromised creates tremendous setbacks. Almost everything we do in the […]
Identity theft is an all too common occurrence. Our personal information is not under our control and lives in repositories that are targets for hackers. The Identity Theft Resource Center recorded 1,339 breaches impacting over 170 million records in the U.S. in 2017 alone. The global numbers are so staggering that no one has been able to […]