Privacy and security are the matters of prime concern these days. The existing identity management system is neither secure nor reliable. And in this age of technology, people need the right way to manage their identity without the need of paper-based documents.
Everyone uses identity documents regularly, which are shared with third parties without explicit consent of the document owner and stored at unknown locations. Whether a person needs to apply for a loan, open a bank account, buy a sim card, or book a ticket, identity documents are used. Government institutes, banks, and credit agencies are considered the weakest in the current identity management systems as they are vulnerable to theft and hacking of data.
Identity Management is not just for employees anymore. Organizations must be able to provide secure access for contractors and business partners and customers as well. Since, an organization stands between the customer and product it is important to take care of customers' security and privacy. As there are hackers waiting to plant some ransomware and steal data. But most of these organizations fail to do so because it takes a sufficient amount of money to buy good security software which is maintained by some other company which plays an intermediary especially when a company is starting up. We need a reasonable alternative that will tackle all of our issues without spending much money. Blockchain might have a solution to all these problems.
When documents are stored at some central server then it is vulnerable to data breaches and leads to denial of service. Users have no control on a government forcing the service to disclose their data. This leaves users with no option than to give their data in unsafe hands. Neither can it be protected from the people who are not supposed to read our data without our consent.
Hacking centralized servers has become the biggest threat to personal security of individuals. Online applications maintain centralized servers for storing data, it becomes easier for hackers to hack these servers and steal sensitive information. According to the breach level index 4,861,553 records are stolen every day. This information is mostly stolen from well known companies and the government; hackers sell them to earn money.
Nevertheless if we want to use some social media applications we are asked to enter our information including birthdate, name and location. We are made to remember user Id and password for every new platform which becomes difficult for a person to remember so many id’s and passwords. Besides, these organizations use their customers' information without their prior consent. This way users lose the control over their own personally identifiable information. So far blockchain has the potential to eliminate the need of user id password combination.
As we all know that blockchain technology is booming these days; every sector including health care, banking, government, media and entertainment, etc.are using blockchain technology. Blockchain is offering decentralized and secure solutions that puts users back in control via a distributed trust model. In blockchain the users data will not be shared without their consent unlike traditional identity management. Blockchain technology stores data in a decentralized, trusted and immutable manner. It ensures that the user’s single digital identity is stored in a secured and incorruptible manner. This single digital identity can always be up-to-date with the latest user information. The information cannot be mutated or maliciously transferred to another source without the owner's permission. Blockchain identity management can enhance the levels of security and privacy. We don't need a third party to validate our data instead it done by a smart contracts instead. Governments look towards distributed ledger technology to protect citizen's personally identifiable information. Which will take security to the next level. For your reference government of Zug, Switzerland made their citizens to vote using blockchain technology where every citizen was provided with a unique DID.
In order to secure our data on a blockchain without revealing we make use of zero knowledge protocol. This sort of consensus mechanism make our communication more secure and protected; suppose we need to share certain data with a party that we don’t but we need to make sure that they trust us that we hold that required eligibility criteria.
Consider a student Rahul. Rahul has completed his high school graduation(org1); he now has a bunch of certificates but due to corona he was unable to travel so he decided to use a digital locker(it is application which runs on web3and is based on blockchain) which allows him to not only store his certificates but also share it without actually revealing it. All his data will be cryptographically encrypted and he will be provided with a public key also known as DID(Decentralized Identity).
Now he wants to share some of his certificates with the university where he will be admitted for higher education, let's say org2. But org2 needs to check if those certificates Rahul is providing are genuine at the same time Rahul doesn't want org2 to actually store his data. Therefore, in this scenario he will be using blockchain to protect himself from privacy breach.
Rahul will send the hash of the certificate to org1. If the hash of the certificate matches with the hash sent by Rahul the transaction occurs and the transaction is signed by Rahul using his private key. Now if org2 wants to verify the document they will use the public key of Rahul and see if the transaction is completed or failed. If the transaction is complete the document is original since it is org1 has approved it and if transaction fails it the document provided by Rahul is fake. Here, even if we are saying org1 is approving but in reality it is done by a smart contract who has all the data and org1 is holding is only maintaining the software. These smart contracts prevents org1 from acting maliciously.
Email and password credentials are notoriously easy to crack as can be witnessed in all the large-scale online account hacking. Current online services rely blindly on online providers to perform identity management and authentication. There should be an ideal form of identity management that only grants access to certain information and eliminates the need for each online service provider to store credentials for every client. Blockchain can offer a solution by decentralizing the ownership of credentials and offering a universally available protocol for verifying one’s record in an immutable chain of data. Blockchain can create a secure platform for online service providers to authenticate users. Besides, this technology could also help to instill the trust back in users. Users should have full control over who has the right to use their data and what they can do with it once they gain access. To facilitate this peer-to-peer exchange of data and consent, routing of requests, mechanisms for discovery and recording of events, a decentralized network that is publicly accessible, immutable and resistant to faults and tampering is needed. Distributed ledger technology and Blockchain is the revolution that makes this possible.
It is necessary to understand that crypto currency is just a sphere of the blockchain.
Blockchain holds a lot more applications in the real world and not just holding coins of value.
Besides, blockchain technology is in its initial stages and has a long way to go before it establishes its full potential. In the coming years it will be a lot more simpler to use blockchain than it is now, providing more security and stability to the world.