Administrators are realizing the downside of using a central system to handle identification services. This is getting more and more evident. The Blockchain Identity Verification system could be the next possible solution for handling identities.
Earlier in July 2017, there was an identity breach incident at the Equifax credit bureau relating to 400,000 of UK customers. Later in October 2017, there was a database breach leaking personal information of 30 million South Africans. The above incidents and several others reported recently has shown the importance of securing the systems from such data breaches.
Entrepreneurs believe that it is time to update the technology used by these services in order to protect customer data. According to the executive director of Hyperledger, Brian Behlendorf, the storage of data in the cloud and using digital government services have centralized the systems. He points out that action should be taken to decentralize the data. Otherwise more breaches will keep occurring in the future.
According to Behlendorf, this has led to stakeholders looking toward self-sovereign identity. The concept of self-sovereign identity deals with people and businesses storing their own identity data on their personal devices. The identity will be presented when necessary for validation, without storing in a central location. This gives the user control over his/her own identity data.
Government stance on Blockchain Identity Verification
Some governments have already stepped in to find a solution to protect the identity data of citizens. The requirement comes with the increase in governmental data breaches.
In United States, the state of Illinois plan to store birth certificates and land titles in the blockchain through the Illinois Blockchain Initiative (IBI).
In Brazil, the Ministry of Planning is piloting a ConsnSys’ uPort program for handling identities. The government is using the Ethereum platform to achieve this purpose.
IBM is piloting blockchain identification verification with SecureKey and several banks in Canada. The Blockchain Identity Offerings director at IBM, Adam Gunther says that United States and other countries are showing interest to do something similar. At the moment, there are ongoing discussions with the relevant regions.
Problems for implementing Blockchain Identity Verification
There are several problems that come along with blockchain identity verification. Most of the blockchain related ID systems depend of decentralized identifiers (DID). The DIDs contain metadata identifying each user uniquely.
If we take the Illinois scenario, the birth certificates do not get stored in the blockchain. It only stores the metadata. The DIDs are useless outside the system. There is no way for outside parties to access the information.
The lack of standards for possible scenarios make it difficult to understand the concept and put into action.
Adam Gunther of IBM points out the need to put up standards for DIDs. This is important in the case of possible loss or theft of DIDs. This way a person misplacing the DID could call in and block the DID from use immediately.
There is a need for blockchain systems to work across platforms as well. There is a growth in the number of blockchains. This means there can be many ID systems in the future. These should be inter-operable linking to each other.
There need to be regulations to solve the current problems. Behlendorf wishes the blockchain self-sovereign identification will be sped up by the General Data Protection Regulation (GDPR) in Europe. He believes the requirements of GDPR can be easily met which can minimize the data stored. Using a regulation approach will keep the users notified allowing them to check and validate their personal information in the system.
Drummond Reed, the Chief Trust Officer of Evernym, believes that regulations on blockchain identity verification will help streamline the process in the future.