Original vision for the world wide web was transparency, inclusion, and accessibility. As technology improved, however, this vision became less important and the internet has become centralized.
Web 2.0 is the current version of the internet we live and are most familiar with. However, there are many drawbacks to it that we seldom discuss. Many of these issues stem from Web 2.0’s reliance on digital identifiers.
But what are these “digital identifiers,” and why do they matter?
In the simplest terms, digital identifiers are used by third-party service providers to validate a user’s identity. They are managed primarily by large tech companies such as Facebook, Google and Amazon.
OAuth2 is a popular digital identifier. It’s used by almost all people. When you want to use a brand new platform such as an eCommerce site or a social networking app, you will be asked for your registration. To make registration easy for users, many platforms employ OAuth2 – the feature that allows users to register through their existing Google or social media accounts directly.
Web2-Based Identifiers: Data Privacy Problems
OAuth2 is one example of Web 2.0-based OAuth2 features that have greatly simplified the lives of end users. Our dependence on these central platforms has created significant privacy problems.
Why is this?
Hackers can easily access the data collected by these central platforms. They store it in centralized servers. Since users don’t have any control over their data stored in these servers, data can be readily misused, often without the user’s consent. Hackers have stolen a large amount of personal information over the years. This has led to many crimes, including identity theft, money siphoning and targeted ransomware attacks.
While many solutions have been tried to this problem, none exist in Web 2.0. However, there is a chance for things to change. Many solutions that harness the potential of blockchain offer promising new features, such as decentralized identifications (DIDs), which allow users complete control and high levels of privacy while also maintaining security.
Decentralized Identifiers: Redefining data boundaries
The Web2 model is being disrupted by new solutions, which allow anyone to verify their identity online and not rely on any centralized organization. These efforts have given birth to the idea of ‘decentralized identity’ or DID, a disruptive approach to identity and access management (IAM).
Decentralized identities have the most important goal of establishing standards worldwide that all internet users can use to control what online services and applications may access their information. This will limit the amount PII available to apps and services.
Per the World Wide Web Consortium (W3C), “A Decentralized Identifier (DID) is a new type of identifier that is globally unique, resolvable with high availability, and cryptographically verifiable. DIDs often have cryptographic material such as keys and endpoints that can be used to establish secure communications channels. DIDs are useful for any application that benefits from self-administered, cryptographically verifiable identifiers such as personal identifiers, organizational identifiers, and identifiers for Internet of Things scenarios.”
DIDs share information peer-to-peer, or P2P. There are no centralized intermediaries that store or facilitate data exchange. DIDs offer far greater security than traditional identifiers because they are directly exchanged between the sender/receiver.
DIDs have no limits on how many you can use. DIDs are flexible enough to be used for different applications or services. This reduces the risk of personal data being snooped on. DID users also have control over the amount of data that is shared and can restrict access as needed.
Consider a situation where an application requests age verification. Web2-powered identifiers require that users share any relevant information. A DID allows users to prove their age by simply revealing their birthdate.
KILT Protocol, a blockchain-based platform leading the mainstream adoption of DIDs, is an example. KILT, developed by BOTLabs GmbH and fully open-source, allows users the ability to identify themselves online without revealing their private information.
SocialKYC by the KILT Team is a decentralized identity verification solution that allows users access to online services and their information. The service is currently available for email and Twitter, but the KILT team plans to expand its usage across social media platforms such as Twitch and Discord, Github and TikTok and LinkedIn.
Web 3.0 is near, and DIDs play a crucial role in protecting users (and entities). The DIDs will revolutionize the way that we use the internet, giving us complete control of our data.