Every day the world is becoming more digital, which means we increasingly need an effective, trusted, and convenient way to prove our identity as we interact with digital services from governments, retailers, and other service providers. We can no longer easily use things like a driver’s license in a digital environment.
A digital equivalent that could be held by individuals and accepted by all service providers would make it much easier and safer to do business online. Some digital national IDs can be used to access some government services, but they are not widely accepted.
There is a need a universal digital ID that can be used to access all digital services, without having to enter personal identity information for every single service and having to trust every service provider to keep that centralized personal information safe.
Decentralized Identities, which are a type of digital identity that captures a set of attributes, identifiers, and credentials relating to a specific person or thing, are a viable alternative that could be used by all service providers, but with added user convenience and without the security risk.
Decentralized identities are stored in a decentralized architecture to decouple the ID from the issuer and the service it is being used to access. Because decentralized IDs are stored in a digital format, they need to be cryptographically secure so that they cannot be tampered with, duplicated, or stolen.
For decentralized IDs to work, there needs to be a holder of identity credentials that are typically stored in a digital wallet or on a smart device, credentials that make specific claims about the identity holders, and issuers who are responsible for each credential.
These credentials need to be verifiable credentials, which are tamper-evident claims that can be cryptographically verified and include proof of who issued it. Verified credentials can contain a decentralized identifier (DID), which is globally unique and cryptographically verifiable.
These cryptographic elements are then anchored to a blockchain or other decentralized ledger so that when credentials are presented, they can be verified by the service provider in the same way that a driver’s license would be verified by a car rental company.
The concept of a Self-Sovereign Identity (SSI) is closely related. An SSI on the blockchain is a permanent ID that is managed by the person to whom it belongs, but aspects of that identity can be shared with individuals, organizations, or agencies when relevant.
SSIs are decentralized and encrypted, and are typically stored on devices under control of the identity owners. Identity data is provided when the identity of the owner needs to be validated, but without relying on a centralized database.
Decentralized identity, therefore, provides a way of accessing services without creating centralized stores of personal information. Instead, individuals hold their own identity credentials, which they can hold in a digital wallet and present to whichever services they would like to access.
Decentralized Identity offers compelling advantages for organizations to benefit from increased identity assurance levels, interact securely and with higher confidence with partners, suppliers, and other ecosystem members, and reduce the administrative load during onboarding or ongoing verification and/or validation of credentials.
However, organizations need a way to make decentralized identities interoperable with their current systems and to enable access management policies work with them. There are also other challenges that need to be addressed such as revocation of credentials and scalability, but these are being solved. In the meantime, organizations should be gearing up for the coming new era of decentralized digital identity so they will be ready to use it as soon as the wider ecosystem is up and running.
Proof of concepts and first customer experiences are demonstrating the many ways that decentralized identity can offer optimizations, savings, and advantages for security and privacy.
— Anne Bailey, Senior Analyst, KuppingerCole.
Because we understand the importance of understanding how to benefit from and implement decentralized identity, and because we are committed to helping your business succeed, KuppingerCole has a great deal of content available in a variety of formats.
This includes live events such the 2022 KuppingerCole European Identity and Cloud (EIC) conference taking place in Berlin and online from May 10-13.
The topic of Decentralized Identity will be covered comprehensively, with tracks dedicated to:
Highlights include keynote presentations entitled:
- Identity. Security. Decentralized. The Future Composable Enterprise
- Decentralized, Global, Human-Owned. The Role of IDM in an Ideal (If there is One) Web3 World
Future looking presentations entitled:
- IAM 2025: Integrated, Agile, Flexible. Decentralized?
- SSI Market Size (and opportunity in web3.0) and use cases
Business oriented presentations entitled:
- How organizations can make and save money with decentralized identity
- How to use the framework of a Trusted Data Ecosystem to simplify building decentralized identity solutions
- Bringing Decentralized Finance (DeFi) to Reality
- Self-Sovereign Identity for Legal Entities and their Representatives globally
European focused presentations entitled:
- Designing an European Identity Wallet: An overview of UI and UX aspects
- A breakdown of SSI Developments in the EU
Government related presentations entitled:
- From A to B - How Decentralized Technologies Are Changing Collaboration Between the Public and Private Sector
- Transatlantic SSI Interoperability: Building the Identity Layer for the Internet
- Verifiable Credentials on the front line
Implementation focused presentations entitled:
- Centralized vs. Decentralized: Pros, Cons, Use Cases
- SSI, NFTs, ENS & Co - Trends and Adoption of Decentralized Identity in 2022
- Implementing SSI using the existing web infrastructure
- Hybrid Central/Decentralized Identity: Deployment Strategies for SSI
And presentations focusing on the Global Assured Identities Network (GAIN) initiative:
As mentioned above, the Global Assured Identities Network (GAIN) proposes an identity network that would allow any global organization to utilize verified identity attributes. To understand what GAIN is, what use cases it serves and who may be interested, have a look at this Leadership Brief entitled: GAIN Explained.
To find out how to go about enabling decentralized identity and how it can fit into an Identity Fabric, have a look at this Leadership Brief: Guide to Implementing Decentralized ID.
As shown in the above-mentioned Leadership Brief, establishing an Identity Fabric is one of the ways of enabling the use of decentralized identity. To find out more about his concept and the vendors that support it, have a look at this Leadership Compass on Identity Fabrics.
For further perspectives on technologies that support the use of decentralized identities, have a look at these Market Compasses on Providers of Verified Identity and Decentralized Identity: Blockchain ID & Self-Sovereign Identity Solutions, and this Buyer’s Compass on Decentralized Identity for key criteria and questions to help select an appropriate vendor.
For a broader perspective on decentralized identity, have a look at these Leadership briefs entitled: The Business Value of Decentralized Identity, What to Consider When Evaluating Decentralized Identity?, and Blockchain ID & Self Sovereign Identity.
For insights into consuming decentralized Identities in different sectors, have a look at these Advisories on fostering digital business innovation in the Healthcare, Utilities & Energy, and Finance sectors.
To find out where decentralized identity fits, in terms of how businesses need to evolve their identity management strategies to become well-placed to meet existing, new, emerging, and future requirements, have a look at this Advisory Note on the Future of Identity Management.
This Advisory on Redefining Access Governance: A broader perspective once again refers to the Identity Fabric concept and how it relates to implementing decentralized identity.
For various perspectives on decentralized identity, have a look at the following Frontier Talks dedicated to the topic.
Explore ways to navigate trade-offs between privacy and accessibility in decentralized identity and learn about interesting user-centric approaches that can be applied to modern identity protocols in this episode on Bringing User-Centricity to Decentralized Identity.
Discover how an international initiative by banks, universities and telco providers is safeguarding the e-commerce ecosystem in this episode on The Decentralized E-Commerce Story.
Understand the increasingly important role of provenance in helping build a better world and learn about the intersection of exciting concepts such as non-fungible tokens (NFTs) and decentralized identifiers (DIDs) in this episode on Decentralizing Provenance in an Industry 4.0 World.
If you would prefer to hear our analysts discuss the emerging concept of the Global Assured Identities Network (GAIN) to get a broader perspective on the benefits and challenges of reusable identities, and find out about the latest phase of GAIN, listen to these Analyst Chats on GAIN and Reusable Identities, Putting GAIN to the Test, and A Deeper Dive into GAIN.
Decentralized Identity has also been featured in presentations at past KuppingerCole events. Choose the most appropriate topics from the following list:
- Enhancing User On-Line Security With Improved Decentralized Identity Governance
- Opportunities and Challenges for Decentralized Identity
- US Pharmaceutical Supply Chain adopts Decentralized Identity and Credentials
- Timely Disruption - Why is Decentralized Identity Different?
- The State of Decentralized Identity - World Stage
- How can Decentralized Identities reshape the Future of eCommerce?
- Decentralized Identity and the US Dept. of Homeland Security
- Decentralized Identity: What's Been Happening and Why it Matters
- Decentralized Identity and Governments - Can It Work?
- Picos and Decentralized SSI Agencies
- Goodbye Dogmatism / Hellō Pragmatism
Our analysts and partners have written several blogs on the topic of decentralized identity. For short, incisive, and insightful views, choose from the following list of blog posts:
- Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It
- Decentralized Identity 101: What It Is and Why It Matters
- Some Perspective on Self-Sovereign Identity
Several webinars touch on the topic of decentralized identity. Have a look at the following list and choose the topics that are most appropriate or interesting to you and your organization:
- Identity & Access Management Predictions 2022
- The Evolution of Access Control
- Identity Verification: Why It Is Needed and How It Can Benefit the Business
- Entering the Virtual World With Identity Verification
- Techniques for Securing Transactions With Identity Verification and Verifiable Claims
For an architectural perspective on how to enable the use of decentralized identities, have a look at this Whitepaper entitled: Modular Decentralized Identity Architecture.
Verifiable Credentials is an up-and-coming method to establish digital, verified identity in a highly secure way. Learn more about how this relates to decentralized identity in this Whitepaper entitled: Verifiable Credentials for Secure Digital Identity.
Organizations investing in technologies to enable the use of decentralized identity can have a look at some of the related technology solutions that we have evaluated: