Who Am I Online?
Your digital identity represents the entire unique profile of your life. From biological identities such as your age to behavioural identities such as your service subscriptions, we rely on these data to prove our credibility. We will provide these data to different institutions for services. In turn, the institutions upload our data online to facilitate their operations. With the surge of online transactions, such digital identities are also becoming more relevant.
Most government institutions and corporations today require us to prove our credentials to grant us a service or transaction. Specifically, we have to enter our particulars in stacks of application forms along with photocopied documents such as our drivers’ licenses. Sounds tedious?
On the other hand, institutions such as banks face administrative and storage issues when they handle your personal data. Storing data in a centralised storage, these institutions have to impose compliance departments and layers of security checks.
In this modern world, personal data is extremely valuable for everyone. Keeping a large amount of sensitive data, many large organisations have become the prime targets for hackers. These locations, termed as “honeypots” are vulnerable to security threats. As a result, these storage areas pose a huge risk for us as our identities can be easily stolen whenever there is a security breach.
Remember the last time you filled up multiple forms for an education loan? How about the time when you discovered that someone has been misusing your credit card because she has access to your data? Multiply these consequences a couple of times and you will get the idea.
A Possible Solution: A Self-Sovereign Identity?
In an ideal world, we would like to reduce our data exposure risk. This includes providing a minimal set of data that has been attested to by the relevant authorities.
For example, authorities such as the immigration offices can verify that your information is correct and give some form of digital approval. Hence, when you contact the institutions for services, they will be confident that the data you have provided is true. In turn, these institutions will be able to verify our identities based on this set of data.
A self-sovereign identity is useful when we want to store our information on our personal devices instead of organisations. Through this way, we have the power to choose what kind of information we provide to different institutions.
For example, I can simply choose to prove to a bartender that I am of a legal age to drink through my phone instead of my passport. In this sense, I can safeguard my full name, my precise date of birth, identification number and nationality against strangers whom I do not wish to share my data with.
The New Normal: How FinTech is Altering Singapore’s Financial Landscape
How does Distributed Ledger Technology (DLT) Come In?
Distributed Ledger Technology helps to manage the development of digital data without any boundaries in a secured manner. This is made possible when institutions validate the information you have provided via decrypting the specific information they need (with a private key) from the authorities (that holds the public key) with your consent (a digital signature). A blockchain system is a popular data structure under this technology.
A quick overview:
| Terms | Meaning | In a mailbox example: |
| Public key cryptography | This key is mainly held by government authorities and allows edits to the data. Data is bundled into categories and encrypted accordingly. | The location of a locked mailbox with a slot that is accessible to the public. Anyone who knows the location of this mailbox can drop a message in it. |
| Digital Signature | This is a message signature from the owner of the private key to verify that she has access to her private key and likely to be associated with the public key. | This is the seal of the envelope that contains the message. The presence of this seal verifies the sender. |
| Private Key cryptography | The owner of the data holds this key. She can allow a third party such as a private institution to decrypt and access a specific set of data. | This is the key to the mailbox. Whoever possesses the key can open it and read the messages. The owner of this mailbox can lend a certain key to the sender of the message to access her information. |
In short, Distributed Ledger Technology advocates for seamless data transmission through a more efficient platform.
What About Us As Consumers?
We need to more aware of how our personal data is being managed with the progression identity-related technologies.
Mobile Services: What You Should Know When You Access Your Online Accounts
Distributed Ledger Technology will inevitably bring about the rise of self-sovereign identity applications. As authorities continue to push for this technology development, we can look forward to more applications in the coming years.
Special thanks to my friends who are willing to share some DLT knowledge with me for this article.
Recommend0 recommendationsPublished in FinTech
