Crafting a Seamless Future with Globally Interoperable Digital Identity

Ayelet Saly
September 25, 2023

Trust, Authentication, and Cooperation

The challenge of establishing trust and authenticating the credentials of individuals or organizations has deep historical roots. In any collaborative endeavor involving individuals or entities, mutual knowledge about each party becomes imperative. However, acquiring this knowledge and validating it presents distinct challenges. While gathering information is a straightforward task, authenticating that information requires placing trust in the source of that information or a trusted third party who can vouch for their claims.

In a world characterized by localized economies, this process was relatively straightforward, as people within communities were well-acquainted with each other. However, as individuals began to cooperate beyond the boundaries of their immediate communities, the necessity for third-party authentication became apparent. For example, in medieval Europe, heralds were entrusted by all parties to validate the names, lineage, and other qualifications of knights. With the emergence of modern nations and the expansion of global trade, the task of establishing trust grew more challenging, necessitating authentication methods that could transcend geographical boundaries. Paper certificates filled this role, as people collectively agreed to place trust in these documents when signed by a reputable authority, such as a government or university. The trust in these documents, like passports and driver’s licenses, relied on the issuing entity’s commitment to ensuring that no misuse of the documents or a holder’s identity occurred.

In today’s digital landscape, these traditional documents face significant challenges in terms of online and offline authentication, particularly with the possibilities that lie in artificial intelligence. These authentication documents were designed for a paper-based world and worked well within those boundaries, much like how horse-drawn chariots served their purpose during Roman times. However, in today’s digital world, they have many limitations:

New technologies are emerging to displace these old systems. While traditional documents inspired trust, digitalization provides the opportunity to create new threads of trust. A decentralized model for identity, known as Decentralized IDs (DIDs), coupled with Verifiable Credentials (VCs), offers a near-seamless method for automatically verifying claims about individuals, organizations, and even commodities.

What Are DIDs?

The concept of self-sovereign identity is not new. As the digital world expanded, the need for a privacy-focused, user-controlled identity system grew apparent. About seven years ago, a group called IIW[1] began exploring the use of blockchain for identity purposes, leading to the creation of the concept of DIDs[2]. The World Wide Web Consortium (W3C)[3], the organization responsible for maintaining the web’s structure, recognized the importance of introducing an identity layer to the internet — a missing piece of the puzzle. Consequently, DIDs emerged as a standardized solution.

DIDs represent a paradigm shift. They herald the end of identities controlled by centralized entities. With DIDs, users become the true owners of their digital identities, holding the keys to their personal information in the vast realm of the internet. DIDs revolutionize not only ownership but also the way we manage, represent, secure, and utilize our identities. They introduce a new approach to privacy management and provide a fresh framework for personal and business interactions on a global scale.

So, what precisely are DIDs? They are a novel form of identifier that enables verifiable, self-sovereign digital identities. They are entirely under the control of the DID holder, independent of centralized registries, authorities, or intermediaries. Think of a DID as your digital fingerprint, operating like an exclusive keychain. Traditionally, whenever you needed access to a place, such as a website, you received a key or password from a key provider, like Facebook. Now, envision having a universal keychain where you possess all the keys, and no one else can duplicate or confiscate them. This is the power of DIDs — a universal keychain for the digital world.

The DID architecture comprises a universally unique identifier generated in a decentralized manner, along with the following components:

Creating and interacting with a DID

Own Your Identity

In prior identity models, your identity belonged to the issuer, whether an organization (such as your workplace), a government (as indicated in the fine print of your passport), or an identity provider (e.g., Google). In the self-sovereign realm, individuals assume control over their identity identifier, which they create themselves. The decentralized network ensures that the ID remains universally unique and immutable.

A Decentralized Identifier (DID) consists of a unique combination of numbers, letters, and symbols that can be validated to confirm your identity in both digital and non-digital realms. With your DID, individuals or entities can issue Verifiable Credentials (VCs) to acknowledge your status, whether it’s ownership (e.g., a land deed), achievements (e.g., a degree), health status, or even personal information like your name and age when needed for verification.

Consider this scenario: Joe works for an organization promoting educational equality. The organization offers a scholarship to Alia if she can prove her enrollment in a university. Here’s how DIDs come into play:

Alia shares her DID with the university, which, in conjunction with its own DIDs, provides her with a VC confirming her student status. Alia can then share this VC without disclosing any additional information, and Joe can grant her the scholarship.
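The Alia and Joe exchange above, sketched as an added Go example (not part of the original post and not any project's own code): the university signs a claim about Alia's DID, and Joe accepts it only if the issuer resolves, the subject matches, and the signature holds. Assumptions: the `did:example:` identifiers, an in-memory map standing in for DID resolution, and JSON with Ed25519 in place of a real VC proof format; Alia proving control of her DID is left out.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"errors"
	"fmt"
)

// Credential is a simplified stand-in for a Verifiable Credential (assumed shape).
type Credential struct {
	Issuer, Subject string
	Claims          map[string]string
	Proof           []byte `json:",omitempty"`
}

// payload is the signed content: the credential without its proof.
func payload(c Credential) []byte {
	c.Proof = nil
	b, _ := json.Marshal(c) // field order is fixed and map keys are sorted
	return b
}

// Issue is the university's step: sign claims about the holder's DID.
func Issue(issuer string, key ed25519.PrivateKey, subject string, claims map[string]string) Credential {
	c := Credential{Issuer: issuer, Subject: subject, Claims: claims}
	c.Proof = ed25519.Sign(key, payload(c))
	return c
}

// Verify is Joe's step: resolve the issuer key, check the subject, check the signature.
func Verify(c Credential, keys map[string]ed25519.PublicKey, holder string) error {
	if pub, ok := keys[c.Issuer]; !ok {
		return errors.New("issuer DID not resolvable")
	} else if c.Subject != holder {
		return errors.New("credential issued to a different DID")
	} else if !ed25519.Verify(pub, payload(c), c.Proof) {
		return errors.New("bad signature: credential altered or forged")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	keys := map[string]ed25519.PublicKey{"did:example:university": pub}
	vc := Issue("did:example:university", priv, "did:example:alia", map[string]string{"enrolled": "true"})
	fmt.Println("genuine:", Verify(vc, keys, "did:example:alia"))
	vc.Claims["enrolled"] = "false" // constructed tampering after issuance
	fmt.Println("altered:", Verify(vc, keys, "did:example:alia"))
}
```

The credential carries only the enrollment claim, so Joe learns nothing else about Alia, and any change to the claims after issuance fails the signature check.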

By using DIDs, our private information transitions from being owned and managed by government, university, insurance entities, etc., to being self-owned and self-governed. This transformation has a profound impact on our communication with others, introduces numerous new use cases, and provides a framework for easily verifying information.

Four Key Aspects of DIDs
  1. Empowerment through Ownership: When your data belongs to you, you are no longer subject to the control of a centralized party, such as the government. This holds significant relevance in today’s world, particularly for immigrants from conflict zones or unstable countries who often find themselves without an “identity” in new nations or when dealing with various aid organizations. According to the World Bank, an astonishing 1.1 billion people lack legal identity today, with far-reaching consequences, including limited access to healthcare, financial services, and vulnerability to human trafficking.
  2. Eliminating Trust Costs: Trust, or rather the absence of it, takes a considerable toll. DIDs eliminate this cost by providing a verified, indisputable, and unalterable source of truth. For instance, consider the case of hiring a new employee with impressive credentials. To verify that her diploma is genuine and not created by an AI, traditional methods would require significant verification efforts and costs. However, with DIDs, her credentials can be readily and reliably verified.
  3. Privacy and Security: DIDs empower individuals to share only the information they choose, enhancing privacy. The robust identity verification and authentication mechanisms inherent in DID protocols mitigate the risks of identity theft and fraud, creating a secure digital environment.
  4. Interoperability: DIDs facilitate seamless integration across platforms and systems, enabling interoperability among diverse applications and networks. This fosters frictionless collaboration, drives innovation, and expands opportunities for all. One compelling application is an Environmental Product Passport that traces the environmental impact of batteries across the supply chain. Mavennet’s flagship product, Neoflow, exemplifies this, leveraging DIDs in collaboration with the US Department of Homeland Security to build traceability for energy.

Real-World Impact

DIDs are not merely a concern for tech-savvy individuals; governments worldwide are increasingly embracing these standards for their own identity programs. Here are a few examples:

Apart from governmental and individual identity use cases, standardized decentralized identity offers numerous other possibilities, including:

1. Refugee Identity Management

Millions of refugees worldwide lack official identification, making it difficult for them to access essential services, assert their rights, or prove their identity. By issuing DIDs to refugees, aid organizations can establish digital, verifiable, and enduring identities for each individual, enabling access to services, confirming family ties, and securely storing educational or professional credentials. DIDs ensure that a refugee’s identity is no longer contingent on a physical document susceptible to loss or destruction.

Example: Refugee Identity Management

2. Land Rights and Ownership

In many developing countries, land ownership disputes arise due to poorly maintained, easily altered, or corrupt land registries. Integrating DIDs with a blockchain-based land registry system can irrefutably link land ownership to an individual’s or community’s digital identity. Such a decentralized system ensures that ownership records remain unchanged and legitimate, even in the face of local disputes or political instability.

3. Financial Inclusion

Over a billion people globally lack access to financial services due to the absence of formal IDs. Without bank accounts or credit histories, their economic potential remains untapped. DIDs enable financial institutions to onboard individuals lacking traditional identification, with digital IDs also recording financial behaviors. This allows people to build credit histories and to access loans and other essential financial services, fostering economic growth and empowerment.

4. Privacy-Preserving Voting

Eroding trust in voting systems has become a global concern due to fears of tampering, fraud, and voter disenfranchisement. DIDs have the potential to revolutionize voting by providing each eligible voter with a unique, verifiable, and tamper-proof digital identity. Citizens can vote securely from any location, with their identity verified through their DID while remaining anonymous to safeguard privacy. This reduces the risk of vote tampering and enhances accessibility to voting.

5. Insurance

In many parts of the world, farmers rely on their crops for survival. However, the claiming process for insurance in cases of drought or floods can be time-consuming, leaving farmers in dire need of funds. DIDs can streamline this process by enabling insurer-farmer contracts based on climate conditions. These contracts can offer immediate payments based on predetermined “world states,” such as the amount of rainfall during specific months.

Owning your identity on a distributed platform bestows upon you a range of rights in both the physical and digital realms, rights that cannot be denied and can be easily authenticated.

In our upcoming post, we will demonstrate how to adopt and develop DIDs on the Stellar network with DID:STLLR.

[1] Session Topics from the Internet Identity Workshop since 2005, Decentralized Identity.

[2] Decentralized Identifiers (DIDs) v1.0: Core architecture, data model, and representations, W3C Recommendation, 19 July 2022.

