The world is becoming digital, which means we increasingly need an effective, trusted, and convenient way to prove our identity as we interact with digital services from governments, retailers, and other service providers because we can no longer easily use things like driver’s licenses in a digital environment.
A digital equivalent that could be held by individuals and accepted by all service providers would make it much easier and safer to do business online. Digital citizen IDs can be used to access some government services, but they are not widely accepted.
We need a universal digital ID that can be used to access all digital services without having to enter personal identity information for every single service and having to trust every service provider to keep that centralized personal information safe.
Decentralized Identities, which are a type of digital identity that captures a set of attributes, identifiers, and credentials relating to a specific person or thing, are a viable alternative that could be used by all service providers, but with added user convenience and without the security risk.
Decentralized identities are stored in a decentralized architecture to decouple the ID from the issuer and the service it is being used to access. Because decentralized IDs are stored in a digital format, they need to be cryptographically secure so that they cannot be tampered with, duplicated, or stolen.
For decentralized IDs to work, there needs to be a holder of identity credentials that are typically stored in a digital wallet or on a smart device, credentials that make specific claims about the identity holders, and issuers who are responsible for each credential.
These credentials can follow the emerging Verifiable Credentials standard from W3C, which are tamper-evident claims that can be cryptographically verified and include proof of who issued it. Verifiable Credentials can contain a decentralized identifier (DID), which is globally unique and cryptographically verifiable.
These cryptographic elements are then anchored to a blockchain or other decentralized ledger so that when credentials are presented, they can be verified by the service provider in the same way that a driver’s license would be verified by a car rental company.
Decentralized identity, therefore, provides a way of accessing services without creating centralized stores of personal information. Instead, individuals hold their own identity credentials, which they can hold in a digital wallet and present to whichever services they would like to access.
Decentralized Identity offers compelling advantages for organizations to benefit from increased identity assurance levels, interact securely and with higher confidence with partners, suppliers, and other ecosystem members, and reduce the administrative load during onboarding or ongoing verification and/or validation of credentials.
However, organizations need a way to make decentralized identities interoperable with their current systems and to enable access management policies work with them. There are also other challenges that need to be solved such as revocation of credentials and scalability, but these are being addressed. In the meantime, organizations should be gearing up for the coming new era of decentralized digital identity so they will be ready to use it as soon as the wider ecosystem is up and running.
Proof of concepts and first customer experiences are demonstrating the many ways that decentralized identity can offer optimizations, savings, and advantages for security and privacy.
— Anne Bailey, Senior Analyst, KuppingerCole
Because we understand the importance of understanding how to benefit from and implement decentralized identity, and because we are committed to helping your business succeed, KuppingerCole has a great deal of content available in a variety of formats.
To find out how to go about enabling decentralized identity and how it can fit into an Identity Fabric, have a look at this recently published Leadership Brief: Guide to Implementing Decentralized ID.
As shown in the above-mentioned Leadership Brief, establishing an Identity Fabric is one of the ways of enabling the use of decentralized identity. To find out more about his concept and the vendors that support it, have a look at this Leadership Compass on Identity Fabrics.
For further perspectives on technologies that support the use of decentralized identities, have a look at these Market Compasses on Providers of Verified Identity and Decentralized Identity: Blockchain ID & Self-Sovereign Identity Solutions, and this Buyer’s Compass on Decentralized Identity for key criteria and questions to help select an appropriate vendor.
For a broader perspective on decentralized identity, have a look at these Leadership briefs entitled: The Business Value of Decentralized Identity, What to Consider When Evaluating Decentralized Identity?, and Blockchain ID & Self Sovereign Identity.
Find out how decentralized identity can be used to manage the access of everyone and everything to ever digital service in this Leadership Brief on Managing Non-Human Identities.
Discover how to unlock the potential of decentralized identify in this Insight entitled: Decentralized Identity – A Playbook for Your Enterprise.
For insights into consuming decentralized Identities in different sectors, have a look at these Advisories on fostering digital business innovation in the Healthcare, Utilities & Energy, and Finance sectors.
To find out where decentralized identity fits, in terms of how businesses need to evolve their identity management strategies to become well-placed to meet existing, new, emerging, and future requirements, have a look at this Advisory Note on the Future of Identity Management.
This Advisory on Redefining Access Governance: A broader perspective once again refers to the Identity Fabric concept and how it relates to implementing decentralized identity.
For various perspectives on using decentralized identity, have a look at the following Frontier Talks dedicated to the topic.
Learn about the playbook required to kick start decentralization initiatives in your organization in this episode on: Decentralizing Mobility, Coopetition and Platforms.
Find out about the relevance of decentralized biometrics as an alternative to centralized honeypots, and discover next-generation authentication mechanisms in this episode on: Decentralized Biometrics and Next-Generation Authentication.
Understand the problems of the identity status quo and the conditions required to usher in a new era in identity that gives individuals independence and better ways to engage with businesses in this episode on: Building the Future of Identity.
For a discussion on the concept of machine economy and the intersection of decentralized identity and the Internet of Things, listen to this episode on: Enabling the Machine Economy and Decentralized Internet of Things.
For a discussion on how decentralized identities and verifiable credentials helped organizations respond to the pandemic, listen to this Analyst Chat on: COVID Response and Decentralized Identity Solutions/Verifiable Credentials.
Decentralized Identity has also been featured in presentations at past KuppingerCole events. Choose the most appropriate topics from the following list:
- Decentralized Identity: A Quick Survey of the Standards, Use Cases, Approaches, and Pitfalls
- A Stepwise Approach to Deploying Decentralized Identity
- How to Build a Decentralized Identity Ecosystem
- Integrating Decentralized Identity Into Your Existing Infrastructure: Do's and Don'ts
- Reimagining Identity: a Buyer’s Guide to Decentralized Identity
- Bringing Self-Sovereign Identity Into Practice: Lessons Learned from Lissi and the SSI for Germany Consortia
Our analysts and partners have written several blogs on the topic of decentralized identity. For short, incisive, and insightful views, choose from the following list of blog posts:
- Decentralized Identity Could Become a Reality, but Blockchain May Not Be a Part of It
- Decentralized Identity 101: What It Is and Why It Matters
- Some Perspective on Self-Sovereign Identity
Several webinars touch on the topic of decentralized identity. Have a look at the following list and choose the topics that are most appropriate or interesting to you and your organization:
- The Evolution of Access Control
- Identity Verification: Why It Is Needed and How It Can Benefit the Business
- Entering the Virtual World With Identity Verification
- Techniques for Securing Transactions With Identity Verification and Verifiable Claims
For an architectural perspective on how to enable the use of decentralized identities, have a look at this Whitepaper entitled: Modular Decentralized Identity Architecture.
Verifiable Credentials is an up-and-coming method to establish digital, verified identity in a highly secure way. Learn more about how this relates to decentralized identity in this Whitepaper entitled: Verifiable Credentials for Secure Digital Identity.
Organizations investing in technologies to enable the use of decentralized identity can have a look at some of the related technology solutions that we have evaluated: