Decentralized identity explained
Last updated
Last updated
Decentralized identity is a way of managing online identities that do not rely on storing personal data in centralized databases such as social media platforms or government ID systems. Decentralized identity systems enable users to completely own and control their data.
Issuer: An organization that has the authority to issue Verifiable Credentials such a KYC company issuing a KYC credential or online course platform issuing completion certificates.
Holder: User who owns the credential and stores it in their digital wallet.
Verifier: The party validating or authenticating the credential like an employer needing to check a candidate’s educational credentials or staff at a store that needs to verify that a customer is at least 18.
Decentralized identity is often used interchangeably with the term Self-Sovereign Identity (SSI).
Blockchain acts as an immutable registry containing the Decentralized Identifiers (DIDs) of all credential issuers. When verifying a credential, a Verifier will look up the Issuer's DID to see if it was truly that Issuer that signed that credential.
Issuers' Decentralized Identifiers (DIDs) and associated Public Keys
Credential Schemas
Revocation Registries
Decentralized identifiers (DIDs) are unique identifiers that are associated with a digital identity. DIDs are made up of a string of letters and numbers that can be stored on the blockchain and can be used to authenticate that identity.
Here’s an example of a Dock DID:
Every DID that is created comes with a private and public key pair and some DID methods allow multiple key pairs.
Whenever an organization issues someone a Verifiable Credential, their public DID is attached to that credential. Because the public DID (and issuer’s public key) is stored on the blockchain, whenever a party wants to verify the authenticity of the credentials, they can check the DID on the blockchain to see if it was really the issuer’s private key that signed the Credential.
Digital credentials that conform to the Verifiable Credentials Data Model 1.0 developed by the World Wide Web Consortium (W3C) can be referred to as Verifiable Credentials. This standard is a “specification [that] provides a standard way to express credentials on the Web in a way that is cryptographically secure, privacy-respecting, and machine-verifiable.”
Benefits of Verifiable Credentials:
Instantly verifiable, without the need to contact the issuer
Tamper-resistant with the use of cryptography
Privacy preserving by giving holders full control of their data