The Relationship Between Blockchain and Digital Identity

November 10, 2016

Blog

Gautam Hazari, Technical Director, Personal Data, GSMA

‘Identity’ is a word often used to mean subtly different things.  The Oxford English Dictionary defines it succinctly as “The fact of being who or what a person or thing is”; ISO29115 prefers the broader “Set of attributes related to an entity”.

Identity, therefore is not a singular characteristic but rather a set of attributes that vary by relationship and moreover the plurality of these relationships can enhance the confidence level that the identity being asserted is genuine through corroboration.

block-chain-1

In the physical world this is fairly straightforward. A government institution for example, can attest the photograph, name and address of a citizen; these can then be corroborated through identity checks conducted by banks or telecommunication providers, who are regulated to ‘know their customers’ hence enhancing the confidence level of the attributes associated with a given identity and hence the identity itself.

Digital identities need to function in a similar way, but the nature of the digital world makes it much harder.

new-yorker

Source: Peter Steiner’s cartoon, as published in The New Yorker

 

In particular, some of the key challenges that digital identity faces include:

  • Establishing trust in the trustless digital world
  • Decentralisation: control and ownership of the identity attributes
  • Immutability of the operations related to the digital identity

These requirements are also the fundamental building blocks behind blockchain.

A user’s digital identity can be represented in the blockchain as follows:

block-chain-2

Here, the user’s identity starts its journey into the blockchain as a self-asserted block, containing the user’s identity attributes (hashed) and the user’s public key, all signed with the user’s private key. At this stage, the level of confidence in the user’s identity is at base level.

Other entities, such as a bank or electricity provider, with which the user has a relationship, are also represented within the blockchain, with their own sets of hashed attributes and public keys. These entities can establish relationships with the user by signing the particular hashed attributes of the user that are relevant to that relationship. For example, the Passport Office could sign the hashed address, name, and photograph of the subject if the attribute values asserted by the user match those on record at the Passport Office.

As more and more relationships are established for the user within the blockchain, confidence in the accuracy of the attributes – and hence the identity itself – grows organically. In addition, as more transactions take place involving the user (with other users or entities verifying or trusting the hashed attributes of the user), the ‘reputation capital’ of the identity also grows. In other words, confidence in the identity’s accuracy increases as does confidence in the trustworthiness of the person behind it, based on what they do online – all of which is transparent, and visible to anyone via the blockchain.

If any of the relationships change between the user and the entities, the change can be established within the blockchain as a separate block with a cryptographically signed timestamp hence enabling any new verifier to observe both previous and current relationships in a cryptographically protected sequence.

Making the blockchain usable for digital identity representation

One critical aspect of any service where users interact is finding the right balance between convenience and security. As Eve Maler once pointed out, “an application with 0% security and 100% functionality is still an application, but an application with 100% security and 0% functionality is useless”.

The block representing a digital identity in the blockchain is identified using the public key[1] associated with the user, and the corresponding private key is the credential that the user needs to keep protected.  In a sense, therefore, the public key can be considered equivalent to a user ID and the private key equivalent to a “password” or biometric.

However, a public key is not a convenient “user id” and the private key is not something that can be easily remembered (such as a password) or be inherent to the user (such as a biometric). Securely storing the private key to ensure that it can’t be used by others whilst also being able to easily use it to assert the associated identity is a real challenge.

A solution is to introduce the concept of a wallet through which the user can self-assert their attributes and manage their public and private keys.  This wallet can then be identified through a more convenient user ID (such as the user’s MSISDN) and be unlocked using conventional multi-factor authentication mechanisms. The user can then prove ownership of the private key, and hence confirm their identity.

Mobile Connect is an ideal framework for supporting such wallets, and providing users with a simple means of authenticating their identities in a way which is both convenient and secure.

The combination of Mobile Connect for administering the wallets and Blockchain for administering the identity in a decentralised fashion is a perfect solution to providing digital identity and in a way that is ‘conveniently secure’ for the user.

 

 

[1] In truth, the blockchain ID is derived from the public key by using SHA256 and RIPEMD160, but for simplicity we will simply call it the public key.

 

 

Back

Presentation: Identity Hangout Delivering Identity Services The first Identity Hangout: Delivering Identity Services on 5 December explored the value and commercial scalability of mobile-based identity services. The online event was targ...

Read more | See all Identity Resources

Presentations from M360 Series – Russia & CIS The 2018 GSMA Mobile 360 Series – Russia & CIS was a regionally-focused event drawing on global case studies for senior-level leaders from government & regulatory bodi...

Read more | See all Identity Resources

Presentations: Delivering Commercial Success Through Identity Services The GSMA Identity recently partnered with Turkcell to co-host an event in Istanbul which explored Turkey’s journey towards becoming the first Mobile Connect commercially su...

Read more | See all Identity Resources

Mobile Connect Workshop Presentations at MWCA Identity Seminar The seminar Mobile Connect Seminar: Reducing Fraud through Secure Authentication and ID Verification Services, brought together h wider mobile ecosystem aiming to prevent fraud b...

Read more | See all Identity Resources

Mobile Connect Workshop Presentation at Mobile 360 Digital Societies i The Mobile Connect workshop: Delivering commercial success through identity services attendees had the opportunity to learn the value and commercial scalability of mobile-based ...

Read more | See all Identity Resources

Distributed Ledger Technology, Blockchains and Identity: A Regulatory This paper provides an overview of the relevant regulations for the use of distributed ledger technologies (DLT) and blockchains for digital identity. Digital identity is the bas...

Read more | See all Identity Resources

News Flash: Business Leaders Flag Internet Security Fears Three-quarters of C-Suite execs say consumer data is too easily compromised online Consumers can’t trust the safety of their online identities, as too much of their personal da...

Read more | Visit Identity Blog

News Flash: Microsoft Explores Eliminating “Inverse Privacy” Reports claim software giant is seeking to increase users’ control over personal data Microsoft is working on giving people greater insights into the private data collected abo...

Read more | Visit Identity Blog

News Flash: Identity Fraud “at a Tipping Point” Symposium speakers highlight hackers’ ability to easily create synthetic identities The vast amount of personally identifiable information available on the Internet is making i...

Read more | Visit Identity Blog

News Flash: Digital Identity to Change Direction In 2019, there will be a shift from trying to digitise identity to creating digital identities underpinned by relationships, according to David Birch, a leading financial service...

Read more | Visit Identity Blog

News Flash: Taiwan Targets 2020 for Digital ID Government says digital ID cards will enable online access to 80% of public services The government of Taiwan is planning to roll out a digital identification system in 2020, acc...

Read more | Visit Identity Blog

Top 3 Digital Identity Trends for 2019: the Curtain Closes for the Hum   2019 will see the consolidation of multi-factor authentication As users have grown increasingly weary of creating endless online profiles (86% report abandoning purchases ...

Read more | Visit Identity Blog

Identity at MWC19 Barcelona February 25, 2019 Discover the latest innovations, market developments and business strategies in digital identity at MWC19 Barcelona. More details to follow. Register for MWC19 Barcelona...

Read more | See all Identity Events

MWC19 Seminar – Mobile Connect: The Rise of Digital Identity February 25, 2019 This seminar will focus on the consolidation and growth of Mobile Connect as a successful identity service offered by the mobile operators around the globe. The seminar will c...

Read more | See all Identity Events

MWC19 Seminar – The Future of Digital Identity: From Revolutiona February 26, 2019 It’s been a tempestuous year in digital identity with major breaches hitting the press on an almost weekly basis. This seminar will look at some of the latest research in use...

Read more | See all Identity Events

Identity Hangout March 20, 2019 Join the second Identity Hangout to hear what’s new on the identity space. The GSMA Identity team will be joined by an expert to talk about this as well as discussing the r...

Read more | See all Identity Events

Contact GSMA Legal Email Preference Centre Copyright © 2019 GSMA. GSM and the GSM Logo are registered and owned by the GSMA.