Decentralized Identifiers: Ensuring Privacy and Control

Decentralized Identifier (DID) is an identifier that can be issued by an autonomous, independent and decentralized platform and serves as proof of digital identity ownership.

What is Decentralized Identifier?

Decentralized identifiers are a new trusted system of universally unique identifiers (UUIDs) that are cryptographically verifiable and do not need a centralized registration authority. They can be used to identify individuals, abstract entities, organizations, data models and Internet of Things (IoT) devices.

The basis of DID is to give identity control back to Internet users and enable them to generate unique identifiers using systems they trust. With the ability to authenticate these identifiers using cryptographic evidence such as digital signatures, both individuals and organizations will benefit from seamless, secure and private data exchange using distributed ledger blockchain (DLT) technology.

In today’s digital space, we need to provide critical information to access applications, websites, services and devices. Existing Universal Unique Identifier (UUID) and Uniform Resource Name (URN) technologies require centralized registration and are unable to cryptographically validate ownership of an identifier. As a consequence, privacy loss, data theft, and other related problems often occur.

However, with a DID system, users can store many accepted identifiers, such as government-issued certificates, education certificates, tax certificates, and other personally identifiable information (PII), in a secure and private digital wallet.

Instead of relying on a central authority to manage user identity, a blockchain-based distributed ledger serves as the source of all identifiers stored in the wallet. The identity information is not stored in a ledger, but in a user-managed wallet. This allows people to share different parts of their identity information with different services at their discretion.

In contrast to a centralized system, users can provide only the necessary information to any entity (website, application, etc.). These subjects can verify the veracity of the data through a blockchain-based registry. Suppose you are trying to register for a new online service and you need to prove that you are over 18 years old. Thanks to the decentralized structure, you will be able to control what information from your digital wallet is transmitted to the online service. You will be able to provide proof that you are over 18 without revealing your real date of birth.

Framework DID.

The basic DID project, originally published by w3c, explains that the decentralized ID is a simple text string. It consists of three parts. DIDs are part of a global key-value database in which compliant blockchains, such as Ethereum, host DID documents (public keys, service endpoints, and authentication protocols). DID documents act as keys, and DID documents act as values to describe certain data patterns in order to create cryptographically verifiable interactions with an identified entity in a decentralized ecosystem.

A DID document includes a public key for authentication. The owner of a DID document verifies its ownership with the associated private key.

Related terms