Since the debut of CryptoKitties in 2017, non-fungible tokens (NFTs) have become more and more popular. Although the gaming industry currently has the most active use cases for NFTs, other fields such as identification are gradually beginning to use non-fungible token technology.
NFTs have unique metadata and are each associated with one specific, unique asset. Therefore, an NFT cannot be replaced by any other token: no other token, even one that complies with the same token standard (ERC-721), can replace the recorded metadata.
Data storage and sharing capabilities have brought many benefits, and the digitization of information has become a growing trend, but it has also raised many questions about the security of personal data. In recent years, there have been many hacks and leaks of personal information. Users do not (and should not) always rely on third-party external servers to store personal data.
Blockchain tries to provide a solution for this that takes accessibility, privacy and security into account. This is mainly due to the development of non-fungible tokens (NFTs), which can be dedicated to storing and managing identities and data.
An NFT contains unique information about a specific commodity or asset, which makes NFTs a good fit for identification and authentication on the blockchain. Everyone has unique attributes and identity information. NFTs can digitize cases, personal files, education information, addresses and other information, allowing people to manage their data easily themselves. With the increasing application of blockchain, more and more people will use NFTs to store personal data. This technology has a bright future.
When it comes to crypto identity management, blockchain will enable public and private organizations to operate more efficiently and improve service quality. Blockchain identity management provides a private, secure, and powerful software ecosystem. However, although blockchain technology has significantly improved crypto identity management, some problems remain at the moment: availability, the handling of (lost) private keys, and the number of users. In addition, most blockchains used for crypto identity management store part of the data in third-party systems (such as wallets that store information in computer or server memory).
In this article, we will introduce a new concept, IdToken. The use of IdToken makes identification more secure, faster, and reusable.
Traditional identity management model
There are some problems with the traditional identity management model. For example, it often has to rely on a central agency and cannot guarantee transparency. Developing new identity management models for these use cases has become an important trend. In the blockchain ecosystem, there is no traditional centralized organization that collects identity information. The blockchain ledger is immutable and can verify and ensure the legitimacy of users, transactions, and messages. Blockchain authentication is done through smart contracts and does not require a third party to verify transactions. This can reduce costs while increasing security and privacy.
In traditional identity management, the most popular blockchain software is undoubtedly Hyperledger Indy. There are many examples of using Hyperledger Indy for data management, such as Sovrin (a decentralized global self-sovereign identity utility) and MyData (plans for self-sovereign identity and authentication mechanisms, co-built with Sovrin). Indy is a distributed ledger designed specifically for decentralized identity authentication. It has complete open source specifications, terminology and design patterns, which help to promote decentralized identity solutions. Hyperledger Indy is a good solution for managing crypto identity issues, but Indy has not completely solved the problem:
1. User information is stored in the wallet or resume folder rather than on the blockchain, so it is easy to lose.
2. If the user changes companies, the user needs to apply for all identity information from the original company, which is time-consuming and labor-intensive.
3. Each application needs its own decentralized identifier (DID), that is, each application requires a new DID username and password, which takes up a large amount of space on the blockchain.
4. If the DID is too short, it may lead to data leakage and cause security problems.
To address these problems, we use IdToken as an example, which we discuss in detail below. (Hyperledger Indy that incorporates IdToken is called IdChain.)
IdToken identity management model
To better understand how IdToken and IdChain work, at least three parties need to be considered: users, companies, and institutions (which vouch for users' identity attributes). In IdChain, the registration method is the same for every user. To register in IdChain, users need to provide personal information (name, surname) and biometric data (fingerprint or facial recognition). The biometric data becomes a private key after cryptographic hashing, the private key is stored in the encryption engine of the personal device, and the public key is generated after the private key.
After registration in IdChain, a new block needs to be created in the ledger; the token smart contract generator executes and generates it automatically. In the new block, users can insert, store and encrypt all personal data with a public key. Users can use the private key (the hash value of the biometric data) to read and insert new information in the IdToken; to grant someone read-only access to the data, the user must share the public key.
The advantage of this mode is that the user can insert all the information into the IdToken. In Hyperledger Indy, a lot of wallet data is stored on local devices (smartphones, computers), which may cause information loss. But in IdChain, even if the user's personal device is lost, the biometric data can still be accessed without the intervention of a central agency.
If users want their company to obtain their own identity information from the organization, they need to perform the following steps:
1. The user and the company both have accounts on IdChain. The user uses his IdToken to show his identity to the company, and his identity is verified by his institution.
2. The user applies to the company for IdToken access and provides his public key. After the company receives the request, it verifies the verifiable credentials in the IdToken and accepts the request.
3. The identities of the user and the company are verified (cryptographic signature).
4. After identity verification, the company sends a request to the user for the information that the company needs to decide whether to hire the user.
5. The user accepts and sends the IdToken (containing only the information required by the company, verified by the institution).
6. The company can read user data and decrypt its IdToken with its public key.
7. Each operation in this series of steps is timestamped. In this way, both parties know the identity of the other party and can operate safely and reliably.
Advantages of IdToken
– No need for proprietary software or infrastructure. IdChain uses a public blockchain, and users do not need to invest a lot of money to establish technical infrastructure for identity management.
– Data can be revoked. Identity data can be revoked by the data owner. If the user changes the credit card number, the data owner can revoke the previous/invalid credit card number data on the blockchain.
– Globally compatible. Users can store and share identity information anywhere in the world. User data can be accessed and used regardless of the country. If the user moves to a new company, he only needs to open IdToken access to the new company.
– All information is blockchain-native, with no local storage.
– Secure and verifiable credentials. Personal information is hashed, encrypted and stored securely in the IdToken, so users do not need to worry about security issues. In addition, the IdToken is unique and cannot be copied.
This new method of crypto identity management and certificate distribution is very useful and secure, improving privacy, security and efficiency. In addition, IdToken can replace paper information exchange, speed up the identification of users and companies, and eliminate openness problems that cannot be solved in traditional crypto identity management. Another important feature of this model is that it improves the usability of the blockchain. IdChain uses encryption engines embedded in portable devices (such as smart cards) to separate identity information from specific devices (such as computers). As the second authentication factor, the biometric key solves the problem of the lack of authentication agencies in the Indy authentication system.
There will still be privacy issues in the future, and the use of biometric data (except fingerprint schemes) in the blockchain must be further developed. In addition, development tools are needed to partition the data in the IdToken so that only the data that actually needs to be accessed is exposed, improving the usability and practicality of the blockchain.
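Step 5 of the procedure above (sending only the information the company requires) and the partitioning need described in this paragraph can be met with per-attribute salted commitments. The following is an added example, not code from IdChain or Hyperledger Indy: the function names and sample attributes are hypothetical, and it assumes the institution signs the `root` digest and that the digest is what the IdToken records (signature and on-chain storage are not shown).

```python
import hashlib
import hmac
import json
import secrets

def commit(name, value, salt):
    """Salted commitment to one attribute; the salt stops guessing of low-entropy values."""
    return hashlib.sha256(salt + json.dumps([name, value]).encode()).hexdigest()

def root_of(commitments):
    """Single digest over all commitments: the value assumed to be recorded in the IdToken."""
    return hashlib.sha256(json.dumps(commitments, sort_keys=True).encode()).hexdigest()

def issue(attributes):
    """Institution side: returns (public record, per-attribute salts kept by the user)."""
    salts = {k: secrets.token_bytes(16) for k in attributes}
    commitments = {k: commit(k, v, salts[k]) for k, v in attributes.items()}
    return {"commitments": commitments, "root": root_of(commitments)}, salts

def disclose(attributes, salts, requested):
    """User side: reveal only the requested attributes and their salts."""
    return {k: {"value": attributes[k], "salt": salts[k].hex()} for k in requested}

def verify(record, disclosure, requested):
    """Company side: accept exactly what was requested, bound to the recorded root."""
    if not hmac.compare_digest(root_of(record["commitments"]), record["root"]):
        return False  # commitment list does not match the recorded digest
    if set(disclosure) != set(requested):
        return False  # more or fewer attributes than were asked for
    for name, item in disclosure.items():
        expected = record["commitments"].get(name, "")
        actual = commit(name, item["value"], bytes.fromhex(item["salt"]))
        if not hmac.compare_digest(actual, expected):
            return False  # value or salt was altered after issuance
    return True

# Constructed sample data, not taken from the article.
SAMPLE = {"name": "Alice", "surname": "Example", "degree": "MSc", "address": "1 Sample St"}

if __name__ == "__main__":
    record, salts = issue(SAMPLE)
    shown = disclose(SAMPLE, salts, ["name", "degree"])
    print(verify(record, shown, ["name", "degree"]))
```

The company learns the two disclosed values and nothing about `surname` or `address` beyond their salted digests, and a value changed after issuance fails verification.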
In the near future, we can foresee a highly secure identity management model that unlocks and shares more of the possibilities of NFTs: proving the ownership of items and the authenticity of identities, protecting user identity security, and ensuring that the ownership of assets/tokens is shared in a safe and credible way.