We lack control of our personal identities, and that’s a problem. Birthdates and home addresses have long been accessible through a quick Google search, but now a trip to the dark web will turn up the information many of us still hold precious: Social Security numbers, bank accounts, health insurance details, and whatever else a criminal may desire.
Most of us don’t read the small print or do deep technical assessments before sharing information online. We don’t want to remember a different password for each account or re-enter credit card numbers every time we make an online purchase. Instead, we transferred ownership of the details that make us who we are, and as a result, we effectively put every company and government institution in the identity management business—whether they realized it or not.
But with the emergence of blockchain technology, the word privacy may regain its meaning. Blockchain’s ability to control information and avoid duplication means that self-sovereign identity, or the idea that individuals can control their personal data no matter where they are, could be a reality for the first time. For example, the Illinois Blockchain Initiative is managing a pilot program to put birth certificates on a blockchain. Their hope is to create self-sovereign, digital identities that can remain under a user’s control, capable of quick and secure validation without the need for a centralized repository.
Identity Data Risks Are Growing
Blockchain could act as the foundation of the root identity question “Who Am I?” as opposed to the authentication query “Am I Who I Say I Am?” These systems can securely store and make readily available all kinds of information, including sensitive data like our financial history and health records. As consumers, our need to present this data at the time of service, or the point of sale or care, has risen with service providers’ increased online presence.
Banks, governments and enterprises all require more of our information in order to verify that we’re the party entitled to their offering, but in an era of mass data breaches, we’re in a “risk race to the bottom” if we are going to keep up with this need by providing every enterprise with a complete profile of our personal and financial lives.
Keys To Our Own Data And Control Over Its Sharing
Blockchain-based data can be dispersed across an extensive network of individuals like us and therefore grant us more ownership over our own data. However, to be truly in control of our personally identifiable information (PII) — or self-sovereign — we must have control over the cryptographic keys that give us access to our data. In other words, just because a blockchain is involved doesn’t guarantee users they have more control over their data. The cryptographic keys, which function more similarly to long, complex passwords for securing information, are vital.
When you start putting the keys on a blockchain and proving you have the credentials, you open up new possibilities. A person can verify her or his information on the blockchain ledger rather than have point-to-point contact with an individual or organization. Mobile access to these ledgers would help us push our information to the loan officer or doctor, so instances where many enterprises have complete profiles on us will diminish as both parties’ approach to data evolves to a “shown as needed” model. This and other features of blockchain could completely transform today’s know your customer (KYC) processes by making them more certain.
Other possibilities to reform today’s model of passive, wholesale data sharing could include ways to segment data so suitable data is accessed only by those who need it. The way data storage is developed onto the blockchain can be configured so that custom permissions can be set. For example, your insurance company may have access to your health data, while your bank may only be granted access to your financial information.