What Are Decentralized Identities?

November 7, 2020 • Devin Partida


In modern life, organizations don’t just trust that we are who we claim to be. Instead, they need some kind of proof. As a result, identity management may mean relying on banks and government organizations for documents that provide evidence of your existence — like financial statements, Social Security numbers, birth certificates and state-issued IDs. A new technology called decentralized identity may soon replace these documents in many applications.

Handing over your identity to providers or relying on physical documents isn’t always practical. In some cases, depending on third parties with weak data security and privacy practices may result in stolen or breached information. You can also lose physical IDs, meaning that for people like refugees, proving their identity can quickly become a major challenge.

In tandem with the Decentralized Identity Foundation (DIF), Microsoft is looking to create a new approach to identity management — decentralized identities (DIDs). They’ve found that it’s possible to use new tech — like the blockchain — to develop a new, decentralized approach to identity management.

What Is a Decentralized Identity?

Decentralized identities replace traditional physical and digital identifiers, like usernames, with unique and self-owned IDs. These identities, also called “verifiable credentials” by Microsoft, allow third-party organizations to verify certain pieces of information about a given person. However, that person must consent to handing over their data.

The tech works by using the blockchain, which is the digital and distributed database technology that powers cryptocurrencies like Bitcoin. 

The tech’s foundational ideas ensure the security and accuracy of data on the blockchain. Rather than store information in one place, copies of the blockchain are distributed across a network of computers that work to continuously update and verify it. 

Every time users of the DID blockchain create a new transaction, whether by updating their ID or having a third party verify some portion of their info, that transaction will be logged as part of a new block, or set of transactions. Because each new block is linked to previous ones, the transaction’s information depends on data stored elsewhere in the blockchain. This combination of data distribution and linked block structure makes it extremely difficult to alter transactions once they’re completed.
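The linked-block property described above, as an added example that is not part of the original article: a minimal hash-linked log of DID transactions in Python, showing that an edit to a completed transaction is detected. The block layout, field names and `did:example:` identifiers are constructed for illustration and do not reflect any particular DID network; distribution across many computers is not modeled.

```python
import hashlib
import json

GENESIS_PREV = "0" * 64  # conventional "no parent" marker for the first block

def block_hash(block):
    """SHA-256 over a canonical JSON encoding of the block's contents."""
    body = {k: block[k] for k in ("index", "prev_hash", "transactions")}
    encoded = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(encoded).hexdigest()

def append_block(chain, transactions):
    """Add a block whose prev_hash commits to the block before it."""
    prev = chain[-1]["hash"] if chain else GENESIS_PREV
    block = {"index": len(chain), "prev_hash": prev, "transactions": transactions}
    block["hash"] = block_hash(block)
    chain.append(block)
    return block

def first_invalid_block(chain):
    """Return the index of the first block that fails verification, or None."""
    prev = GENESIS_PREV
    for block in chain:
        if block["prev_hash"] != prev or block["hash"] != block_hash(block):
            return block["index"]
        prev = block["hash"]
    return None

def build_sample_chain():
    """Constructed sample data: one identity update, two verification events."""
    chain = []
    append_block(chain, [{"type": "update_id", "did": "did:example:alice", "key": "key-1"}])
    append_block(chain, [{"type": "verify", "did": "did:example:alice",
                          "verifier": "did:example:bank", "claim": "over_18"}])
    append_block(chain, [{"type": "verify", "did": "did:example:alice",
                          "verifier": "did:example:employer", "claim": "degree"}])
    return chain

if __name__ == "__main__":
    chain = build_sample_chain()
    print("untouched chain:", first_invalid_block(chain))
    # Change a completed transaction in block 1 without recomputing any hash.
    chain[1]["transactions"][0]["verifier"] = "did:example:someone-else"
    print("after edit:", first_invalid_block(chain))
    # Recomputing block 1's own hash only moves the mismatch to block 2.
    chain[1]["hash"] = block_hash(chain[1])
    print("after re-hash:", first_invalid_block(chain))
```

Making an edit go unnoticed would require recomputing every later block as well, on every copy of the chain that other participants hold.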

As a result, you can have verifiable proof of your identity. Unlike other forms of ID, you’ll also have ultimate control over it and who is allowed to verify it.

Why Identity Control Matters

With DIDs, control of a person’s identity rests with them. It’s not up to providers like email services, organizations and financial institutions that can verify proof of identity. As a result, you’ll have much more control over your identity and the information associated with it. This means that, unless you consent, you won’t have to transfer your information to a third party. This reduces the risk of your personal information being sold or transferred to others without your consent.

The nature of DIDs on the blockchain also means you’ll have a full record of information associated with your identity, as well as a log of everyone who asked for info. You will know exactly which people and organizations have access to information tied to your decentralized ID.

Theoretically, the distributed nature of the blockchain also makes it immune to hacking and data breaches. Despite the number of blockchain users, there’s been no major breach yet. While the tech certainly isn’t unhackable, it seems to be a much better option than centrally managed databases controlled by third-party institutions. For example, Equifax and Capital One both fell victim to hackers in the past few years.

Potential Challenges for Decentralized Identity

Despite the early success and adoption of DIDs, the tech isn’t ready for large-scale use just yet. While the blockchain is very good at maintaining the security and accuracy of its data, it isn’t great at processing a large volume of transactions or updates. 

A blockchain is constantly getting longer by default — and while the tech is very good at verifying transactions, it doesn’t really prioritize speed. Even the most advanced, high-volume blockchains process just tens of transactions per second. To provide decentralized identification services for people worldwide, it may need to process something more like tens or hundreds of thousands of those operations. 

Microsoft is working with others to create new blockchain tech that could tackle this issue. However, the same design principles that make the blockchain so secure could also create a major bottleneck that threatens the approach’s effectiveness.

How DIDs Could Change Identity Management

In the future, proving your identity will be just as important as it is now — if not even more so. DIDs provide an alternative to current identity management methods, one where a person can be in control of their identity.

The approach is another example of how the blockchain is being applied outside of the cryptocurrency space. However, it also demonstrates some of the limitations of the tech. Transaction bottlenecks could make the approach difficult or impossible in a real-world context.