Head of Customer Engagement for TrustGrid Pty, Ltd., in Sydney, Australia.
Digital privacy and the need to protect online credentials is a growing universal concern, especially as consumers continue to expect the convenience of online transactions. That means financial institutions, retailers, government agencies, healthcare providers and others must store sensitive information such as credit card numbers, social security numbers, bank information, and more; information that is attractive to hackers. Despite hardened security measures, cybercriminals routinely break into data repositories to steal personal information they can sell online.
There is a better way to secure personal information and still take advantage of digital credentials: By separating personal information from digital identification, consumers can use a digital identity card for account validation, credential verification, and other identity-based transactions without exposing personal data. Distributed ledger technology presents a new way to create a secure digital personal identity code you can carry on your smartphone.
Solving the password problem
The ongoing challenge in today’s connected world is the need to maintain multiple online accounts, including multiple login credentials and passwords. The average user has more than 100 passwords, 25% more than a year ago. That means the potential to steal personal information has increased by 25% as well. The more passwords we use, the greater the risk that sniffers or intercepted passwords can compromise accounts.
Consumers are also creating more online accounts than ever, leading to more personal information scattered across the web in different databases and further increasing the risk of losing control of your personal information.
Creating a new approach where you and your digital identity eliminates much of this risk. Abstracting your credentials using a digital ID protected by distributed ledger technology provides an added layer of security and gives you total control over your credentials.
By adopting distributed ledger, you create a means of authenticating your identity without exposing personal information. Whether you have an account with a business, government agency, school, retailer, or some other organization, you can create a secure means of authentication. Once you establish a social contract with that organization, you are issued a secure digital identifier. This identifier contains no personal data and cannot copy or steal. The approach is easy to execute, easy to use, and totally secure.
Creating a secure authentication system
Your secure digital credentials are maintained and secured in the cloud. The organization that needs to validate your identity or credentials can verify your information using whatever credentials are in demand, whether it’s a social security number or a driver’s license number. Once validated, it issues a unique QR code that you can store on your smartphone.
What makes the digital ID secure is the distributed ledger system, which operates like the security for blockchain. Rather than relying on a single data repository to store personal credentials, the distributed ledger doesn’t store any information. Instead, it accepts the validation from the issuing organization, which is responsible for verifying your personal credentials. You then are given a QR code which can be authenticated by an encrypted key to verify your credentials.
What makes the system so secure is the fact the validation key is stored across multiple online locations. Validating an identity or credentials requires all of the key locations to synchronize and match the ID information. No one key can unlock the digital credentials and there is no stored information to steal. Along with that, there are also no more passwords to remember or share.
Digital IDs are already in use
This technology is being already using for different applications. In Australia, the New South Wales government is using a distributed ledger to issue digital driver’s licenses. The Transport for NSW is responsible for issuing the license but, rather than providing a paper license or plastic card, it issues a QR code to show you are licensed to drive. If you lose your wallet or even your smartphone, your identity is still secure in the cloud and no one else can use the same digital ID.
Not only are these digital IDs secure but they can have multiple uses. The same QR code that is used for your driver’s license also can be used as a student ID, as a hob ID, for healthcare or even to validate COVID vaccinations. And just like with physical ID cards, these digital credentials can be temporary with an expiry, requiring re-validation in order to resume usage.
The same ID code can use for multiple credentials. Participating agencies and organizations can come together to form a secure ID consortium so the same QR code can be used for a driver’s license, school ID, library card, or any application. It’s the ideal way to create an extensible digital ID that is secure and gives you total control over your personal data.
There is no longer reason to risk identity theft by storing personal information across the web and relying on insecure passwords. Separating your personal information from your digital identity is the ideal approach to providing secure credentials whenever and wherever you need them.