When new things arrive, which are still in the pioneering stage and far from reaching maturity, there is always a lot of discussion. This is even more true for Blockchain Identity, where the massive hype around Blockchains, a long history of clever ideas failing, and a few interesting technical and security challenges come together. During my keynote at this year’s EIC, I addressed the challenges and success factors for Blockchain ID as well. That led to a discussion on Twitter about whether some of these success factors are contradictory.
That definitely is a good question worth thinking about. So where might be the contradiction lie?
- Critical mass vs. interoperability? No conflict.
- Critical mass vs. easy-to-use or secure wallets? No conflict.
- Critical mass vs. affordability? No conflict?
- There is anyway no conflict with Privacy by Design and Security by Design.
Anyway, if I make such pair-wise comparisons, I don’t find any obvious contradictions. I might have overlooked some, of course.
Obviously, there are some major challenges. Cyberattack resilience vs. cost vs. usability is not super-easy to achieve. That is why it is a challenge.
One factor where we definitely might have a discussion whether this is a contradiction in itself is the “easy-to-use, easy-to-secure wallet”. Making things both secure and easy to use is a challenge in itself, and it is a success factor for Blockchain ID in general, I admit it.
However, while it is not easy, I doubt that this is impossible, i.e. contradictory in itself. We have seen many improvements in usability of more secure solutions in the past years. Fingerprint biometrics might not be perfect, but it is better than 4-digit PINs. And it is quite easy to use. And that is just one example. In other words: there are ways to combine an acceptable level of usability with good-enough security. Yes, you can always use security as the killer argument. But we also know that there is no 100% security – it is always about finding the right balance.
But what we really should do is actually quite easy: stop arguing what might hinder us in delivering better identity solutions and start figuring out how we can deliver them by using Blockchain technologies wherever appropriate, combining it with what we already have (Identity Relationship Management, OpenID Connect, UMA, PKI, whatever else), and joining our forces.