Why is digital identity a problem?

In the real world, most identity interactions are self-sovereign. People collect various credentials that they keep in their possession and present them at their discretion to prove things about themselves. They hold things like a driver’s license, passport, or insurance card and present them to any verifying entity they want, without the permission of the issuer. These credentials are kept under the control of the holder and only revealed with their consent.

This is not what happens on the internet. Like the famous cartoon says– “On the internet, nobody knows you’re a dog”, illustrating the very real issue with the lack of an easy, secure, standardized system for a person to collect, hold, and ultimately present trustworthy, verifiable credentials online.

One solution that has arisen to solve the problem of digital identity is through the advent of federated logins provided by services like Facebook or Google. What seems from the onset as a handy tool that helps expedite logging into the various websites that accept them, when actually, these federated logins are actually problematic. Relying on vast amounts of data collected from individuals– much of it unverified– one of the primary concerns with these systems is access. There will always be companies and individuals that will choose to not access these social networks and perhaps do not want to rely on these companies to control their or their customer’s data.

Overall, the internet lacks a universally available digital identity system that lets individuals collect, hold and present any credentials they want, to whomever they want, whenever they want– without the reliance on a third-party managing access.

What is Self Sovereign Identity?

Self-sovereign identity (SSI) is an approach to digital identity that gives individuals control of their digital identities.

SSI addresses the difficulty of establishing trust in an interaction. In order to be trusted, one party in an interaction will present credentials to the other parties, and those relying parties can verify that the credentials came from an issuer that they trust. In this way, the verifier's trust in the issuer is transferred to the credential holder. This basic structure of SSI with three participants is sometimes called "the trust triangle".

It is generally recognized that for an identity system to be self-sovereign, users control the verifiable credentials that they hold and their consent is required to use those credentials.This reduces the unintended sharing of users' personal data. This is contrasted with the centralized identity paradigm where identity is provided by some outside entity.

In an SSI system, holders generate and control unique identifiers called Decentralized Identifiers. Most SSI systems are decentralized, where the credentials are verified using Public-key cryptography anchored on a distributed ledger. The credentials may contain data from an issuer's database, a social media account, a history of transactions on an e-commerce site, or attestation from friends or colleagues.

What is Decentralized Identifier?

One of the major concerns with standard digital identity solutions is correlation. This means the ability to track an identity holder’s data—like social security number, phone number, or username—across multiple websites and log-ins. This is a major security threat and leaves the identity holder vulnerable.

As outlined in the W3C Draft Report on “Decentralized Identifiers (DIDs) v0.11, “Decentralized Identifiers (DIDs) are a new type of identifier for verifiable, ‘self- sovereign’ digital identity. DIDs are fully under the control of the DID subject, independent from any centralized registry, identity provider, or certificate authority.” 

DIDs are globally unique identifiers that do not require a centralized registration authority because they are registered with distributed ledger technology or other decentralized networks.

How does MONiD use blockchain?

Although MONiD was originally built on Ethereum, we are working aggressively to build MONiD as a gateway for all the main DID protocols, which is one of the biggest difference between MONiD and other DID solutions.