Leveraging blockchain to decrease data breaches, increase security

Originally published in Thomson Reuters AnswersOn

By Joseph Raczynski

In the not-too-distant future, blockchain will get personal – very personal. That’s a good thing when it comes to integrity of your digital identity.

The Internet is a complex space for identity management.  Every site has a login and password, and those sites which have federated their login credentials have become massive targets for hackers.  In addition, the largest institutions charged with holding onto private information have become single points of failure; e.g. Equifax and the federal government’s Office of Personnel Management (OPM).  As the security breaches have grown in size, so too has the importance of finding a new solution to protecting of data in our always-connected world.

The solution will soon be in our hands

In the not-too-distant future, you will have a digital wallet containing hundreds or thousands of Decentralized Identifiers (DIDs).  DIDs are described as a new type of globally resolvable, cryptographically verifiable identifier registered on a distributed ledger.  These will be unique, encrypted, addresses that each of us holds in a mobile app to verify something about us; e.g. our age, height or even personal preferences.  They will be granted by a trusted source, but we will hold on to these privately and have complete control over them.  As the Sovrin Foundation explains, “The next evolution of the Internet will be the creation of a common identity layer that allows people, organizations and things to have their own self-sovereign identity—a digital identity they own and control, and which cannot be taken away from them.” This monumental shift enabled through the use of blockchain will change the paradigm of ownership of identity from the traditional large organization like Equifax into private hands.

Submitted photo courtesy of Department of Homeland Security

How will DIDs work?

I would expect that in the next five to 10 years, everyone in the United States will be issued a new national identification number to replace our current social security number.  As you can see in the above graphic, an agency such as the Department of Homeland Security (DHS) will issue this new number.  It will assure the person making the claim is who he or she says he or she is, and issue a DID with a private key (for their eyes only) and public key (for anyone to verify the ID) which the person holds in his or her digital wallet.  The DHS will also register proof of claim integrity on the permissioned blockchain (a vetted private blockchain).  Going forward when requested, the person can present his or her digital identification (public key) to the verifier (Border Patrol, an employer, IRS) who can then validate this claim’s integrity through the secured blockchain registry.  Most of these exchanges of information will use a QR code so the DID can be scanned with ease.  This new verification system will create significant efficiencies and will be much more secure.

Eventually, this will be expanded beyond government issued identifiers, though at MIT Sovrin, it was mentioned the IRS is looking at this solution now.  You will soon have DIDs for access to anything you normally use for login and passwords on websites, access to your house and starting your car.  Anything that requires a key or login now will leverage this new technology.  Self-sovereign identity flips the old model of control from central authorities, or single points of failure to individuals.

Advertisements
About Joseph Raczynski (112 Articles)
Joseph Raczynski Legal Technologist/Futurist Joseph is an innovator and early adopter of all things computer related.  His primary bent is around the future of law and legal technology. He also focuses on several fields including machine learning, mobile, security, cryptocurrency, and robotics (drone technology). Joseph founded wapUcom, LLP, consulting with companies in web and wireless development.  As a side project DC WiFi was created to help create a web of open wireless WiFi access points across cities and educate people about wireless security. Currently he is with Thomson Reuters Legal managing a team of Technical Client Managers for both the Large Law and Government divisions.  Joseph serves the top law firms in the world consulting on legal trends and customizing Thomson Reuters legal technology solutions for enhanced workflows. He graduated from Providence College with a BA in Economics and Sociology and holds a Masters in eCommerce and MBA from the University of Maryland, University College. You can connect with Joseph at JoeTechnologist.com or JosephRaczynski.com or @joerazz

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: