Identity management is growing in importance thanks to the rapid rise of the modern internet economy; however, identity management solutions are in desperate need of improvement.
Blockchain and identity management are increasingly looking like a match made in heaven!
If you are planning to launch an identity management solution, then this article explaining the benefits of blockchain for identity management is a must-read!
Identity management and the associated challenges
Identity management, or “ID management”, refers to the processes of identifying individuals or users, thereby authorizing them to access organizational systems and networks. The process also includes revoking user access when it’s no longer valid. Read “identity management (ID management)” for more information.
The market for ID management, and overall “Identity and Access Management” (IAM), is growing. An Identity Management Institute report estimates that the global IAM market will reach $14.82 billion by 2021, accompanied by a CAGR of 12.9%.
Implementing ID management can be hard, due to the following reasons:
- Risk of losing ID proof: People often misplace paper-based identity proofs. When this happens, they need to obtain a duplicate ID proof. The organization providing this ID proof, e.g., a government organization, needs to undertake a complex process to provide this duplicate ID.
- Silos: Large businesses, governments, and even non-profit organizations have built up organizational silos over several decades. ID management processes require key data that allows this system to operate; however, organizations have this data in silos. This makes ID management and IAM hard to implement. Read “Meeting identity and access management challenges in the era of mobile and cloud” to learn more about this.
- Lack of an authoritative ID repository: Organizations don’t have “one single version of the truth” as far as IAM is concerned. Multiple ID repositories increase duplication, errors, etc.
- Dispersed workforce: Whether operating globally or within one country, most businesses now have a distributed workforce. It’s hard to monitor whether employees are using their access appropriately. Read “The challenges and benefits of identity and access management” to learn more.
- Manual processes: ID management and IAM processes are often manual and slow, and this adversely impacts the productivity of organizations. This makes onboarding, reconciliation, audit, and offboarding difficult to manage.
- Distributed computing environment: Unlike the monolithic computing environment of the past, organizations are no longer using just their own data center. They may use a public cloud for hosting some of their apps, and a dedicated cloud for other purposes. Finally, they continue to host their core business apps on-premises. This hybrid environment makes it harder to implement IAM.
- “Bring Your Own Device” (BYOD): Traditionally, organizations issued computing devices to their employees, and employees could use only these to connect to the organizations’ network. With BYOD now a reality, IAM faces much more complexity.
- Securing RESTful services: As far as managing access to traditional web-based apps goes, current IAM solutions fare quite well. However, these were not designed for managing access to RESTful services and APIs. Read more about this challenge in “Top 10 legacy IAM challenges holding back your enterprise”.
Can blockchain make a difference here?
Blockchain is a relatively new technology, which emerged a decade ago as the foundation of the famous cryptocurrency Bitcoin. It works as follows:
- It’s a peer-to-peer (P2P) network, where every computer has a record of all transactions in the chain. We call each computer a “node”, and all of them effectively act as complete ledgers of all transactions. Therefore, the technology is also known as “Distributed Ledger Technology” (DLT).
- Anyone can join a public blockchain network, and each node can communicate with all other nodes. Private or enterprise blockchains are permissioned; therefore, only trusted nodes can join.
- With each node being a full ledger, no one can shut the network down by compromising any one computer.
- Blockchain also uses digital signatures, data encryption, cryptographic hash functions, and consensus algorithms to protect data against tampering.
- Later generation blockchain networks like Ethereum, NEO, EOS, etc. offer smart contracts. These are autonomous, tamper-proof, open-source pieces of code, and their execution results are irreversible. These help in contract administration.
Read “How to build your own blockchain using Node.js” to learn more about the key features of blockchain. Maintaining a single version of the truth is easier with blockchain due to decentralization and security features. Smart contracts offer further advantages such as increased automation.
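The tamper-evidence property described above can be shown with a small hash-chained ledger of identity events. This is an added example, not code from the original article or from any blockchain project; the event fields (`type`, `subject`, `docDigest`), the subject names and the choice to record only a SHA-256 digest of the ID document are assumptions of the example.

```javascript
const { createHash } = require("node:crypto");

const GENESIS = "0".repeat(64);
const sha256 = (s) => createHash("sha256").update(s).digest("hex");

// A block's hash covers its position, the previous block's hash and the event.
function blockHash(index, prevHash, ev) {
  return sha256(JSON.stringify([index, prevHash, ev.type, ev.subject, ev.docDigest]));
}

function append(chain, ev) {
  const index = chain.length;
  const prevHash = index === 0 ? GENESIS : chain[index - 1].hash;
  chain.push({ index, prevHash, event: ev, hash: blockHash(index, prevHash, ev) });
  return chain;
}

// Index of the first block that fails verification, or -1 if the chain is intact.
function firstInvalid(chain) {
  for (let i = 0; i < chain.length; i++) {
    const b = chain[i];
    const prev = i === 0 ? GENESIS : chain[i - 1].hash;
    if (b.prevHash !== prev || b.hash !== blockHash(i, prev, b.event)) return i;
  }
  return -1;
}

// Latest event for a subject wins; a ledger that fails verification is not trusted.
function status(chain, subject) {
  if (firstInvalid(chain) !== -1) throw new Error("ledger failed integrity check");
  let state = "unknown";
  for (const { event } of chain) {
    if (event.subject === subject) state = event.type === "issue" ? "valid" : "revoked";
  }
  return state;
}

// Constructed sample data: the subjects and documents are made up.
function sampleChain() {
  const chain = [];
  append(chain, { type: "issue", subject: "citizen-001", docDigest: sha256("constructed ID document A") });
  append(chain, { type: "issue", subject: "citizen-002", docDigest: sha256("constructed ID document B") });
  append(chain, { type: "revoke", subject: "citizen-001", docDigest: null });
  return chain;
}

// The head hash is what nodes compare: a rewritten history yields a different head.
const headHash = (chain) => (chain.length ? chain[chain.length - 1].hash : GENESIS);
```

Verification alone catches an edited block, but a history that has been rewritten and rehashed end to end still verifies. It is exposed only because its head hash differs from the one held by other nodes, which is why every node keeping a full ledger matters.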
Benefits of blockchain identity verification solutions
Blockchain digital identity solutions can take several forms, as follows:
1. Ease of obtaining duplicate ID proof after losing the original
This is arguably the easiest application of blockchain in ID management. As I have already explained, one commonly comes across people that have misplaced their original ID proof document. This results in the following:
- They must go to the relevant government department to get their duplicate ID proof; however, the process is cumbersome.
- Government authorities often have silos of information and manual processes. This delays the issuance of the duplicate ID.
- Underprivileged people such as the homeless, or those living far away from government service centers are the worst affected by this system.
- People living in remote areas may need to visit government offices multiple times to get their duplicate ID proof, due to the multiple stage process.
Blockchain enables permanence and tamper-proofing of records; therefore, the technology can help here. Government departments can store the individuals’ ID proof on a blockchain. The tamper-proof nature of this record means it is completely safe and reliable, while the security features of blockchain ensure permanence.
In the unfortunate event that someone loses the original ID proof, government officials can easily issue a duplicate ID proof. Read more about this use case in “The impact of digital identity”.
2. “Self Sovereign Identity” (SSI)
The Facebook/Cambridge Analytica data scandal has shown how technology giants like Facebook and Google control and manage users’ digital identity, and how risky this can be. Identity management is complex, and with conventional systems it is not easy for internet users to manage their own digital identity.
“Self Sovereign Identity” (SSI) can help as follows:
- Users own and fully control their digital identity.
- Other parties can access this identity information, but only with the consent of the primary user.
- By its very design, an SSI is trustless, i.e., there is no need to trust a 3rd party provider.
- SSIs are permanent; therefore, hackers can’t destroy them.
- Their portable nature is a big advantage.
Read more about SSI in “Evernym – private Sovrin self-sovereign digital identity blockchain?”.
Blockchain can help in creating a system where users can obtain their SSIs. In fact, Hyperledger Indy, an enterprise blockchain framework from the Hyperledger Consortium, caters to digital identity use cases.
Evernym, a blockchain start-up, has created a blockchain-powered platform for SSI, and it’s called Sovrin. They collaborate with Indy. I have earlier explained how to create SSI using Indy in “How to build a self sovereign identity wallet?”.
3. Identity verification using blockchain
As I have explained earlier in this article, implementing an ID management solution can be tricky, in view of silos and the predominance of manual processes. However, the good news is that blockchain start-ups are now offering identity management solutions.
An example is Blockpass, a blockchain start-up offering an identity management solution. Their solution works as follows:
- Blockpass has a “Know Your Customer” (KYC) portal, which is powered by blockchain. This ID verification portal is called “Blockpass KYC Connect”.
- Businesses working in regulated industries must follow stringent KYC regulations, and this portal helps with it.
- Organizations can use this portal for their user onboarding.
- This platform uses smart contracts for KYC and “Anti Money Laundering” (AML) compliance. If you need to learn more about smart contracts, you can read our guide “How to deploy smart contract on Ethereum?”.
- The company provides easy-to-install tools.
- Businesses can use their “Software Development Kits” (SDKs) to integrate Blockpass services with their current systems.
- This platform uses an ERC20-compliant crypto token, and it’s called “PASS”.
- The portal offers shared services, which businesses can use for their user onboarding and other ID management purposes.
While Blockpass is a good example, entrepreneurs can use blockchain platforms like Ethereum and develop their own “Decentralized Apps” (DApps) for ID management. DApps are like web apps; however, they are open-source, use crypto tokens, run smart contracts as their backend, and run on a decentralized blockchain. I explained this in “How to build an identification app using blockchain?”.
4. Non-custodial login solutions using blockchain
Whether signing into your employer’s networks or logging into an internet-based service, you trust a 3rd party to keep your ID and password safe. The employer or the other service provider maintains central servers to keep your credentials safe.
We call these “Custodial login solutions”. As with any central server, these are also vulnerable to being hacked. In fact, central servers are lucrative targets for hackers, and such incidents of hacking are common.
Blockchain can transform this with its decentralization and enhanced security features. Blockchain-based solutions no longer use central servers; rather, they are decentralized and use public-and-private keychains for login. The employer or the 3rd party service provider can consume these services, with the assurance that only trusted individuals are logging into their systems. An example of such a non-custodial login provider is Remme.
Remme has an open-source distributed protocol for “Public Key Infrastructure” (PKI). It’s a decentralized network; therefore, providers of internet-based services need not store a large volume of user IDs and passwords.
Remme uses the following components:
- Masternodes: These handle user registration, ID revocation, etc.
- Hyperledger Sawtooth: This is an enterprise blockchain framework from Hyperledger Consortium.
- “Proof of Service” consensus algorithm: This is for transaction validation.
- REM crypto token: This is an ERC20-compliant token.
Read more about Remme here.
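A minimal sketch of login with a public and private key pair, in which the service stores only public keys and verifies a signed one-time challenge. This is an added example, not Remme's protocol or code; `LoginService`, `signedMessage`, `respond`, `newUserKey` and the origin string are hypothetical names, and Ed25519 from Node.js's built-in `crypto` module is the example's choice of signature scheme.

```javascript
const { generateKeyPairSync, sign, verify, randomBytes } = require("node:crypto");

// Bind the signature to the service and the user so it cannot be reused elsewhere.
function signedMessage(origin, userId, nonce) {
  return Buffer.from(JSON.stringify(["login-v1", origin, userId, nonce]));
}

// Service side: keeps public keys and outstanding challenges, never a password.
class LoginService {
  constructor(origin, ttlMs = 60_000) {
    this.origin = origin;
    this.ttlMs = ttlMs;
    this.publicKeys = new Map(); // userId -> public KeyObject
    this.pending = new Map();    // userId -> { nonce, expires }
  }
  register(userId, publicKey) { this.publicKeys.set(userId, publicKey); }
  revoke(userId) { this.publicKeys.delete(userId); this.pending.delete(userId); }

  // Issue a fresh random challenge that expires after ttlMs.
  challenge(userId, now = Date.now()) {
    const nonce = randomBytes(32).toString("hex");
    this.pending.set(userId, { nonce, expires: now + this.ttlMs });
    return nonce;
  }

  // Verify the signed challenge; each challenge is consumed on first use.
  login(userId, signature, now = Date.now()) {
    const entry = this.pending.get(userId);
    this.pending.delete(userId); // single use, even when verification fails
    const key = this.publicKeys.get(userId);
    if (!entry || !key || now > entry.expires) return false;
    return verify(null, signedMessage(this.origin, userId, entry.nonce), key, signature);
  }
}

// User side: the private key never leaves the user's device or wallet.
function respond(privateKey, origin, userId, nonce) {
  return sign(null, signedMessage(origin, userId, nonce), privateKey);
}

function newUserKey() {
  return generateKeyPairSync("ed25519");
}
```

A breach of this service's storage yields public keys only, so there is no password database to crack; revocation is the removal of the registered public key.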
5. Identity management for the decentralized web
Various 3rd party services track every online activity by users. For example, “Internet Service Providers” (ISPs) track every site users visit, and 3rd party email tracking services monitor emails. This is possible only because they have the user’s personal information, such as their digital identity.
Increasingly, internet users are looking for a decentralized web, where they don’t need to part with their personal information to access services. However, this requires an appropriate digital identity management solution.
Users should be able to use one digital identity to validate their activity anywhere on the internet. Moreover, they should not have to provide it to every internet-based service provider. Blockchain can help here. Users can store their digital ID on a blockchain network, and internet-based service providers can access that for user authentication purposes.
Metadium is a blockchain start-up that uses SSI to achieve this. They use a blockchain that lets users create their SSIs. They have a public identity blockchain platform, their “Meta ID” protocol for 3rd party developers, and a DApp named “Keepin”. Read more about Metadium here.
6. Managing user identity for “Internet of Things” (IoT) systems
Whether smart appliances, fitness trackers, or remote patient monitoring (RPM) systems, the “Internet of Things” (IoT) is entering our life rapidly. All IoT-enabled devices collect data and stream it to the relevant service providers.
IoT as such does not need any introduction. Billions of IoT-enabled devices already stream valuable data, and many more billions will soon be IoT-enabled. However, all communications from IoT-enabled devices happen over the Internet.
This is a security risk, and if the devices collect sensitive data such as “Protected Health Information” (PHI) then the users are at serious risk. Users must have full control regarding how the data from IoT devices is used. Read more about this in “Blockchain for identity management: 7 possible use cases”.
Identity management for IoT devices should ensure that the data collected by the IoT devices is under the full control of users. Such ID management should also be secure enough to prevent hackers from accessing sensitive information in transit over the internet.
UniqueID is a blockchain project that addresses this use case. They have a distributed ledger for device IDs. Users don’t need to depend on 3rd parties since the platform doesn’t require CA-signed certificates. Users are in full control of their digital IDs.
Have a great blockchain digital identity solution idea?
Blockchain and identity management have enormous potential; however, the solutions are still evolving. Platforms, frameworks, and tools are undergoing significant changes to address scalability and transaction throughput, for example.
Before you undertake a development project, you need the appropriate architecture and industry expertise. I recommend that you engage a reputed software development company for your project. Read “What to plan for when undertaking blockchain software development?” to learn more.