Gemalto, an international digital security provider, announced that it will use R3’s Corda enterprise blockchain to address a problem that affects us all: digital identity management.
In a world where it is becoming increasingly difficult, and critical, to prove that you are who you say you are (and that potential imposters are not), leveraging distributed ledger technology to manage identities online may prove a substantial advancement.
The Problem: Proving Digital Identities
The conventional means of verifying identity can be prone to lots of weaknesses. Government documents that attest to identity can be forged. So can signatures, whose authenticities are hard to confirm.
And in the online world, people can claim to be whoever they want, as digital identity thieves, catfishers and radical propagandists well know. Short of asking users to upload copies of physical identity documents (which, again, could be forged) or cross-checking identity claims with email accounts, phone numbers or other personal records (which are also easy enough to forge or manipulate), online platforms lack a means of confirming that their users are who they claim to be.
In short, the world has lacked a way of proving beyond a reasonable doubt that someone’s claimed identification is authentic, especially in online settings where biometric means of identity confirmation, like scanning fingerprints, are not usually practical to implement.
A “Trusted” Blockchain-Based Solution
Gemalto, a large company that specializes in digital security software, thinks it can solve the conundrum of online identity management by using an enterprise blockchain — specifically, R3’s Corda — to help power an identity management system.
Gemalto’s blockchain-based identity management solution, which the company announced earlier this month, is called Trust ID Network. It allows individuals to create a personal “self-sovereign digital ID” (in Gemalto’s parlance) and manage it through a mobile app called ID Wallet. The app uses Corda to share identity information with organizations, such as banks or government agencies, that might want to confirm a user’s identity.
Gemalto emphasizes that it does not store personal information itself on the blockchain. Instead, it uses the blockchain as a decentralized infrastructure for identity management and confirmation.
In addition to providing a theoretically more effective means of confirming digital identity than has traditionally been possible, Trust ID Network stands to make users’ lives more convenient because it offers a single solution that can be used to prove identity to multiple organizations. Users establish their identity only once and can then use the system with as many organizations as they want, provided those organizations support it.
A Centralized, Decentralized Digital Identity Solution
Naysayers and decentralization fanatics might point out that although Gemalto’s digital identity solution uses a decentralized blockchain to manage identities, the system is pretty centralized in other important respects. To use it, you have to leverage Gemalto’s app, and you have to trust Gemalto to verify identities accurately.
As a company that has spent a long time developing solutions for verifying identities, Gemalto is no doubt pretty good at making sure that people are who they say they are when they register for one of its services. In fact, Gemalto probably does a much better job of identity verification than your typical website or social media platform.
Still, Gemalto can’t totally solve the problem of identity fraud. Someone who is really skilled at forging documents or stealing identities could probably still slip by Gemalto’s defenses.
That said, it’s important to think in realistic terms. Gemalto’s Trust ID Network might not be able to provide completely airtight identity confirmations. But neither can anyone else. And Gemalto’s solution at least has the advantage of making identity verifications available via a decentralized network, which will simplify access to digital identity information — not to mention make it difficult for online services to impersonate Gemalto when presenting identity information, which is important for ensuring that organizations can trust Gemalto’s system itself.
Plus, Gemalto’s Trust ID Network stands out as one of the first real-world platforms that uses a blockchain to assist in identity management. There has been much written about the potential for blockchain technology in this realm, but little real development to date. (Alongside Gemalto’s new solution, Sovrin, which is backed by IBM and other companies, is another notable real-world example of blockchain-based identity management.)But if you want to see Trust ID Network in action, you’ll have to wait, at least a bit. Gemalto said it will launch pilots with select companies later this year.
What you get:
1) The Distributed Ledger newsletter delivered once a week
2) Access to curated top content & exclusive reporting
3) Discounts and first access to our event series
I'm already a subscriber
Sorry we didn't recognize you, please login with your email below and we'll let you get back to our exclusive content.
Our goal is to bring you high quality content ad-free, all we ask is your email so we can keep you up to date.
I'm already a subscriber