Using a secure connection to identify and deal with your bank is a common scenario. When you access the bank's URL, your web browser downloads a digital certificate and would generally check its validity. The bank would have previously approached a Trusted Third Party CA (Certificate Authority) such as Verisign, who may carry out some checking (does the bank have the right to the domain name, is the organisation legitimate, does it have a physical address, etc.) and then issue a certificate (the CA will use a private key they own to sign the bank's domain and company details).
Any process or person needing to verify this identity (known as a Relying Party), such as your browser, will download the certificate and check that it is valid by using the Certificate Authority's public key to determine whether the CA did indeed issue a certificate to that bank at that domain name and physical address.
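The issue-then-verify flow described above, as an added Go example (not code from the original article). The helper names `newCert` and `relyingPartyAccepts`, the CA name and `bank.example` are constructed for illustration, and the example assumes ECDSA P-256 keys and a single root CA with no intermediates.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}
// newCert: a nil issuer yields a self-signed root CA; otherwise the issuer's private key signs a leaf for DNS name `name`.
func newCert(name string, issuer *x509.Certificate, issuerKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey) {
	key := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(time.Now().UnixNano()), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: issuer == nil,
	}
	if issuer == nil {
		issuer, issuerKey = tmpl, key
	} else {
		tmpl.DNSNames = []string{name}
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, issuer, &key.PublicKey, issuerKey))
	return must(x509.ParseCertificate(der)), key
}
// relyingPartyAccepts is the browser-side check: the signature must verify under the trusted CA's public key and the name must match host.
func relyingPartyAccepts(cert, trustedCA *x509.Certificate, host string) bool {
	roots := x509.NewCertPool()
	roots.AddCert(trustedCA)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, DNSName: host})
	return err == nil
}

func main() { // all names and certificates below are constructed for this example
	ca, caKey := newCert("Constructed Example CA", nil, nil)
	fake, fakeKey := newCert("Constructed Example CA", nil, nil) // same name, different key
	bank, _ := newCert("bank.example", ca, caKey)
	forged, _ := newCert("bank.example", fake, fakeKey)
	fmt.Println(relyingPartyAccepts(bank, ca, "bank.example"), relyingPartyAccepts(forged, ca, "bank.example"))
}
```

The second result is false even though the look-alike CA carries the same name as the trusted one: the relying party's decision rests on the CA's public key, not on the name printed in the certificate.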
Decentralised IDs (known as DIDs) are an attempt to create a recognised open standard for identity, utilising blockchain storage where public identification is required. They have huge implications, with the aspiration of creating a ‘trust layer’ for the internet.
In the above bank example, instead of using a relatively centralised Certificate Authority, the company would effectively identify itself, and this ID proof would be held and be searchable on a blockchain.
The Decentralised ID is also a powerful concept for individuals to control their own identity. Instead of providing copies of your credentials (driver’s licence, passport copies) every time you want to open an account, a relying party could reference a DID that offers proof that the credential is valid. Self-Sovereign Identity, or SSI, is the idea of people or organisations having control over their own identity.
In many cases, DIDs will not need to be publicly searchable, and people will create peer-to-peer DIDs that they might hold on their cellphone. This is the concept of a Pairwise DID, and we’ll explore this concept in an upcoming article.