Hello everyone and welcome to this first episode of this format dedicated to the discovery of Web 3.0 and its actors.
Today we will begin our study with a subject that makes surprisingly little noise despite all its promises: decentralized identity. Indeed if it is possible today to completely manage our money without any trusted third party if we give ourselves the means, what about our identity on the internet? Let’s see together the current uses, the disadvantages to consider, as well as the answers that bring the actors of the ecosystem of Web 3.0.
Our identity on the internet
We don’t always use pseudonyms to interact with services or other users on the internet.
Sometimes it is better to decline his identity for practical questions, but also sometimes to security. Today, we have to admit that there are few users who deploy good practices in the management of their personal data, mainly for a question of ease. Indeed, set up different email addresses, passwords for each service used maybe surly.
However, it has been a long time since the dissemination of our personal data has been limited to a simple email address or poorly protected password. Now these are complete profiles of users that are stored somewhere in the “cloud”, or, to be more precise, in one or the other data centers GAFAM. Some users fully assume and accept this consideration for access to services easy to use and generally free. But the problem of funds is to be found in the monopoly put in place by these players and the lack of interesting alternatives. As often, the equation turns out to be rather simple: sacrifice confidentiality and security for the ergonomics of a supposedly free service, even if everyone knows that this free service has a hidden cost.
Connect with social networks
In order to simplify the registration for a new service on the internet, different methods have been developed. But today the widely used ones are these buttons “Connect with” allowing to link existing accounts and transfer the necessary information to our new account. I will mainly deal with GAFAM since as Europeans these are the services we use. But the case of managing data from Chinese companies like WeChat is even more worrying … Obtaining and concentrating the personal data of users of these services far exceeds what can be found in the West.
The buttonss magics from Facebook and Google
Very practical, in one click our account is created. No need to make the effort to remember the password since our account Facebook will open the doors of third-party applications.
Revolutionary for the user experience, but also for the recovery of our personal data. Indeed this small harmless button allows Facebook (here, but it also works with Google for example) to link our activities to other applications to our profile. And therefore of offer its advertisers a more precise catalog of prospects, since this is their business model, I’m not teaching you anything.
The operation is similar for Google whose facilitation of connection is less popular than Facebook, but remains present in our daily lives.
Sign in with Apple
Apple presents a less aggressive position vis-à-vis the personal data of its customers. It is a widely publicized bias which is now part of brand communication. In addition to all of the options that give customers more control over who uses their data and when, Apple has developed proprietary connection systems.
These are very different from Facebook or Google since there are many options available to manage what you share with the services. For example, you can easily create a disposable email address (which will look like email@example.com) which will redirect its incoming emails to yours. So you don’t have to disclose your personal email address, limiting potential spam.
However, if today Apple claims that it is not using and will not use your data in the future, the situation remains problematic. Indeed, rely on a trusted player to guarantee the integrity of your personal data, this is adding a potential vulnerability in your management of these. It is certainly more comfortable and Apple is rather a better student than its competitors, but your data remains completely centralized … and not at home.
Prove your identity on the Internet
Today different methods are used by companies to allow their users to prove their identities. Formerly mainly focused on the email / password pair, now the methods are more sophisticated. For example, reducing the costs of sending SMS and automating this method makes it easy to find access to an application.
What is a decentralized identity ?
To determine what is a so-called decentralized identity and its use in the context of web 3.0, it is important to clarify these terms.
Indeed of what our identity is really made up on the internet and what exactly would his decentralization ? These are two extremely generic terms and everyone can imagine the fields of possibilities for themselves. The DIF (Decentralized Identity Foundation, we talk about it a little below), offers a definition of these terms, supposed to found the very notion of decentralized identity:
” Decentralized identities are deployed on databases without control bodies and can be universally linked to an identifier ”.
The objective of these decentralized identities is thus to allow users to be able to store private information locally, while making it possible to guarantee total confidence in the veracity of the latter when it is disseminated.
Keep your data and share the necessary information without going through a trusted third party. Once your profile is deployed and accessible only by you or rather your private key, the applications will connect to it. When registering for example compatible applications will request permission to access certain types of data. Similar to what already exists on our smartphones with requests for access to photos, microphone or camera, you therefore become the manager of these accesses and therefore of the dissemination of your data.
The actors of the decentralized identity
If we often describe decentralized sectors as ecosystems, it is not without reason. Indeed, it is the synergy between the different existing players and their services that allows users to offer the best experience and the richest possible functionalities. It is for this reason that it is important to study the different actors well, which is not often an easy task since communication is often limited to the niche of earlyadopters, in relative general indifference, until technology is widely used.
The objective of these actors is therefore to be able to offer users to regain control over the dissemination of their data. It will also reduce the data accumulations that Google and Facebook make every day.
It’s not really in the area of decentralized identity, but the way Metamask works has some interesting similarities. Indeed it is not an identity but a wallet (wallet) which allows you to connect to different applications of the decentralized web.
However, I wanted to present this web extension in order to introduce you to the functioning of the connection to web 3.0 services. Indeed, if you are interested in decentralized applications among which we find video games or financial services, you necessarily had to connect a wallet to these. Often the easiest option is to click the button “Connect with Metamask” and let this famous fox carry out the operation.
But you have to be aware that this harmless click has certain repercussions. First of all technically since this connection can create security holes if the developers of the application are not conscientious enough. Contrary to popular belief or ideal marketing presentations, users of services based on distributed registers are no less subject to risk of hacking, and paradoxically, it may even be the reverse. Indeed, the transactions Ethereum being public, it is possible to trace all those associated with a user and therefore draw up a profile of the latter through the applications that he uses. Distrust therefore, for fear of allowing anyone to draw up your digital user behavioral map
The DIF (Decentralized Identity Foundation) is a foundation which is intended to develop and democratize decentralized identity services. To do so, she surrounded herself with players from all walks of life in order to develop synergy between their services. There are many names known in the ecosystem, among which there are in particular actors of cryptocurrencies as uPort, Hyperledger or NEO but not only. In fact, other more traditional companies are also involved, such as MasterCard, Microsoft or IBM.
The objective is therefore to set up work groups around specific functionalities in the decentralized identity sector. You can find the work of these groups on their sites and the source codes are – like it should be – obviously open sources.
DIDs by the W3C
The team of W3C (World Wide Web Consortium) carries out work around decentralized identity. We can find presentations of this research regularly updated. They present these DIDs ((Decentralized IDentifiers) like new types of identifiers allowing the establishment of a true digital and decentralized identity. The difficulty being to set up an identity whose ownership can be proven without the use of centralized databases or control bodies (a bit like the Holy Grail in fact).
UPort is a company developing different services around decentralized identities. The leaders of this project indeed wish to bring to their users a new way to connect to various services on the internet. Their solutions make it possible to master digital life by taking control of their personal information, their security and their dissemination to third. The operation is quite simple since it will simply be necessary to set up a profile in order to use it on the uPort compatible applications.
uPort thus wishes to become a direct alternative to the famous “connection with Facebook” which is very precisely opposite to the values of web 3.0. Their services are not very interesting on their own, but it is through the adoption of their system to other applications, decentralized or not, that a comfortable and secure experience for users can emerge. And we will see it several times in this discovery of the decentralized web, it is this synergy between different actors who will offer simple navigation while guaranteeing a regain control of personal data, that new models will emerge.
Brickchain is also a player in the decentralized identity sector, even if it does not use blockchain technology. Indeed, the open source Brickchain protocol allows its users to keep control of their data, without using the heavy technology of distributed registers.
A mobile app is at the heart of system usage and allows users to use their data on the go. Brickchain’s goal is therefore to build a layer of interaction in which Strict and essential consent of the owner is the only way to gain access to personal data.
The Ethereum ERC-725 token standard
If there is a platform widely used to build web 3.0 innovations, it is the one of Ethereum. It is therefore not surprising that we can find a standard of tokens dedicated to decentralized identities or at least going in this direction. Simply named ” Proxy Account “This token embodies an interface to store information about a user but not only.
The objective of this standard is to allow a legal entity to exist on the Ethereum network, while giving it the ability to execute smart-contracts as such.
The Ontology network
Ontology is a public blockchain network project dedicated to free collaboration between different actors. The goal is to allow sharing data securely focusing on trust between different users.
But what interests us most is one of the features offered by Ontology which is the framework dedicated to the identity of users named ONT ID. It allows each user to create their own identifier and link the information of their choice. Once implemented, only the owner of this ID has full control over it and the data stored. Ontology will provide maximum transparency in order to more easily trace where the data is going and who is using it.
However, introducing this identity within the network facilitates the multi-use of the latter. Indeed it is easy to control the different roles that the same user can have and the different sources of this personal information. The goal of Ontology is therefore to bridge the gap between service developers and their users without control bodies like a state for example.
The future of decentralized identity
As we saw during our overview of this ecosystem, it still remains a niche sector today. But just like many innovative ecosystems, it is possible that its democratization will happen quickly, a fortiori for users of cryptocurrencies, a public particularly sensitive on this subject.
Decentralized identity is a rather specific sector because the object of decentralization, here digital identity, is not centralized generalized. Indeed, quite a few systems exist around digital identity, even if we can observe some advances in this area.
But that does not mean that digital identities have not already been implemented.
So in Estonia is it already possible to connect to various digital services using the national identity card. In particular, this has enabled companies to delegate the costly operation of user identification to the state using this card. But all is not rosy since the centralization of this connection service can bring real problems in case of vulnerability. In fact, in 2017, half of the Estonians were deprived of these services due to critical security flaws.
Indeed, most of the services being very young or still in the development phase, the risks are very numerous. It is important to learn very precisely about a protocol before injecting sensitive or personal information. If decentralization will not necessarily be able to resolve all the issues related to the management of personal data, however, it could give users more choice. The market would thus be unlocked, whereas it is today intimately linked to GAFA.
It would thus be possible to witness the emergence of new players and more user-friendly models of monetization, for example.
Most importantly, it would become possible to clarify the very notion of personal data, as well as their real value. In fact, at the present time and due to a lack of control, it is complex to obtain information and to document oneself in order to be more enlightened on their management. These are many points on which the players in this still very young sector must work. And I’m sure we’ll hear from this ecosystem much faster than you might think.
As a conclusion, we will quote the very recent declarations of the CEO of Paypal Dan Schulman who, if he explains that the payment giant takes its time on the subject of crypto assets, sees above all the potential of blockchain in the domain of identity:
” Most people think that blockchain is about efficiency, but the current system is quite effective. There are sometimes superfluous intermediaries, but the current frameworks are rather solid. So we think a lot of what can happen on the blockchain is related to identity, for example. “
Now, this first episode of the discovery of web 3.0 dedicated to decentralized identity is coming to an end. I hope you enjoyed this reading and above all allowed you to discover this ecosystem. If you have any questions or comments about this article, please let us know on the newspaper’s social media. See you soon on Bitcoin for a new episode of the web 3.0 saga!