Digital Identity Management: NO personal data is put on a blockchain
A distributed ledger (commonly called “blockchain”) is immutable, meaning anything that is put on the ledger can never be altered nor deleted.
Why is it a bad idea to put personal data on a blockchain?
- Putting personal data on the ledger puts the privacy of the users in danger (as it will constantly be subject to hacking and data breaches). As set by The Article 29 Data Protection Working Party, hashed/encrypted private data is still to be considered private data regardless, as it could always be brute-forced (if not now, probably at some point in the future)
- It violates current privacy regulation (e.g. GDPR; right to be forgotten);
- it is also not efficient as an identity is dynamic (attributes can change over time e.g. house address or number of children).
What exactly goes on the blockchain?
Only references and the associated attestation of a user’s verified credential are put on the ledger (in our case, the Sovrin ledger).
Privacy can be ensured through non-correlation principles via pseudonymisation. So, instead of storing actual private information, the only things stored on the ledger (for the purpose of verification) are:
- Public Decentralised Identifiers (Public DIDs) and associated DID Descriptor Objects (DDOs) with verification keys and endpoints.
- DIDs are a new type of unique identifiers for verifying digital identities, and are entirely controlled by the identity owner. DIDs are independent of centralised registries, authorities or identity providers.
- The formal description for the structure of a credential.
- Credential definitions.
- The different (often tangible) proofs of identity or qualification issued by authorities; such as drivers licenses, passports, identification cards, credit cards, etc. Hence, credential definitions are — as the name suggests — merely the definitions of these different credentials to be stored on the ledger.
- Revocation registries.
- An option for issuers to be able to revoke the claim. The revocation registry is what tells the rest of the world how the issuer will publish the revocation information.
- Proofs of consent for data sharing.
- In order to prove consent or reception of data (basically saying the data has been received and checks have been executed on it), these consent receipts (i.e. proofs of consent) let people do so.
How would this work in a real life scenario?
When an identity owner presents a proof of their date-of-birth, rather than actually checking the truth of the date of birth itself, the verifying party will validate the government’s signature who issued and attested to this credential to then decide whether he trusts the government’s assessment about the accuracy of the data. Hence, the validation of a proof is based on the verifier’s judgement of the reliability of the attestor.
In other words, the ledger enables everyone in the network to have the same source of truth about which credentials are still valid and who attested to the validity of the data inside the credential, without revealing the actual data.
No personal data should ever be put on the blockchain.
For more information about Tykn‘s digital identity platform, an identity management system leveraging blockchain technology, click here.