Innovating Identity on the Blockchain

The blockchain is frequently referred to as the technology that will disrupt, transform and reimagine how things are done today. To date, the most successful application of the blockchain is digital currency, especially Bitcoin.

The Bitcoin phenomenon started in 2008 and the Bitcoin blockchain has operated without significant disruption since then. The argument is that Bitcoin has thrived because of its unique capabilities. For example, it is very fast (relative to international wire transfers that can take days), it is anonymous (nobody knows who is behind a bitcoin address), there is no middleman needed (it is completely decentralized), it is not backed by any government and nobody can block you (unlike banks that can freeze accounts).

Can the blockchain also be leveraged to solve problems with identity? After all, identity is a key enabler for today’s digital economy and streamlining it could benefit all of us.

Today, both institutions and users are forced to use convoluted methods to interact with each other. Without a national or internationally accepted digital equivalent of the user’s offline identity (e.g. a passport),

  • Users are forced to create a unique digital credential per institution resulting in unnecessary credential sprawl. A typical user has to deal with several hundreds of unique accounts and credentials.

  • Users are required to provide personal information to multiple institutions to verify their identity making it a very cumbersome registration process. Asking for all this personal information also raises serious privacy concerns.

  • Users are burdened with keeping their personal information updated and in sync across every institution. User’s attributes and identifiers (e.g. passport number, mailing address, work number) can expire, can be revoked or change with time. It can be a major chore to remember making updates to your record with every institution every time there is a change.

  • Users are exposed to risk of identity theft because not all institutions store/operate with world class security practices. Institutions are also targeted non-stop by hackers because they can profit from the stolen identities.

In addition to all this, institutions in some verticals are also required by law to verify the identities of their customers. They are required to make sure they are real, ensure they are not on prohibited lists and keep money laundering, terrorism financing and fraud schemes at bay. These additional checks can be extremely manual, expensive and time consuming.

Can blockchain help streamline Identity? A traditional database that stores identities is typically managed by a single entity bringing into question the integrity, availability and accuracy of the data. In contrast, a blockchain is more like as a distributed database system and acts as an “open, shared ledger” to store and manage transactions.

Each participant in this distributed database maintains a replica of a shared append-only ledger of digitally signed transactions through a protocol referred to as consensus. This can potentially remove the concerns with single point of failure, fraud and control by a single entity.

Each record (block) in the ledger (chain) is cryptographically linked to the previous block. An immutable record on a distributed blockchain ledger strongly associating identifiers with a user’s identity can have significant advantages because it can enable the creation of permanent data that is locked in time i.e. act as provenance for identifiers associated with an identity.

Changes to every single identifier associated with an identity could be logged on the blockchain preventing fraudsters from being able to tamper without leaving an obvious digital trail. It may finally be possible to put users in charge of their own identities so that they have complete control over it. With this, users will no longer worry about identity sprawl, privacy account takeovers or identity theft.

Blockchain also has the potential to help drive software defined, self-executing contracts that can execute without the need for unnecessary human intervention. The software code, identities and rules of the contract can be stored and replicated on the blockchain.

Finally, identity is not limited to people. As new IoT devices (backed by an asset identity) and services (backed by service identity) come online, managing these identities will be critical to help unlock new workflows that were not possible before. Completely new interactions and experiences will have to be supported that haven’t been possible before. For example, an autonomous car automatically paying for gasoline at a pump or a charging station leveraging its asset identity. The rental car company or the owner can be automatically charged leveraging the self-executing contracts.

What's next with blockchain? As with any transformative innovative technology, it can take time for it to establish itself and ensure foundational issues spanning technical, legal and economic are well understood. Established, large, regulated businesses can also be apprehensive of being the first mover when the risk is extremely high and ROI the lowest.

Okta is working closely with our customers and partners as we validate industry specific use cases related to blockchain and identity. For example, we are working to help streamline cumbersome and expensive Identity Proofing flows leveraging blockchain.

  • Download a detailed whitepaper on Blockchain and Identity from Okta.

  • If you have a specific idea or use case for identity and blockchain, we would like to hear from you. Please engage with us on the Okta Ideas forum.

  • If you are an ISV that is interested in partnering with Okta for blockchain use cases, please reach out to us.

  • If you are unfamiliar with Okta and would like to try it out, you can sign up for a trial here.