Why Social Media Needs Self Sovereign Identity Alastair Johnson
There is an inherent problem with how identity works in the digital age. In the current model, our 'identity' is linked to a wide array of metadata that is controlled by a variety of tech companies. The user has little say or control over their own identity, as it is repeatedly treated as a commodity to be bought and sold. The truth is, identity is and always has been more than just a collection of credentials. Credentials are important, yes, but a real identity is more than just the sum of its parts, and includes things like a person's face, their personal history, and how they self-identify. Combined with their other data, a true profile of a person can be generated. The problem emerges when the actual user doesn't have agency over this profile. One need not look far for a very specific and poignant example of this precise issue. The ongoing drama surrounding Twitter's new blue check system shows how chaotic things can become when platforms don't take true authenticity into account for verification. In Twitter's case, a user only had to shell out the $8 fee and, with no other forms of confirmation, they would receive the coveted blue checkmark, which is supposed to mean they are 'authentic.' Immediately, fake accounts imitating real ones proliferated on the service, leading to a fairly swift cessation of the system. A Better Digital ID What will happen next isn't exactly clear, but the situation highlights the need for a better solution for internet identity. Fortunately, this is possible right now by utilizing the benefits of Web3 technology such as blockchains, smart contracts and Zero-Knowledge Proofs (ZKPs). By merging these protocols with personal biometrics, a new level of identity verification is possible, known as a 'Self-Sovereign ID,' or SSI.
These SSIs would be owned by the individual, not a third party company. They would be initially set up utilizing a combination of verified biometric data and other relevant proof of identity, and subsequently could be accessed using a fingerprint, facial scan, or other unfalsifiable credentials. This means that it would be impossible for anyone else to utilize the SSI to gain access to any platform or data. This would be revolutionary for commerce, social media and much more. On the one hand, individuals and businesses could trust that who they are engaging with is really who they say they are. Nobody could realistically assume another person's identity, because a simple check on the blockchain could reveal the imposter instantly. A digital wallet could be linked to this ID, so that all purchases would similarly be verified, with a complete private financial record attached to the address. That being said, the user themself would have complete control over who could see this information and when. In many cases, there would be no need to reveal the actual information stored in the profile itself. Thanks to ZKPs, a cryptographic proof can be generated that confirms the validity of data without having to expose what that data is. How SSIs Can Help
To explain how this is beneficial in practice, take a loan application for example. Traditionally, a bank would need a pretty clear overview of all of the applicant's finances, to determine if giving them the money makes financial sense. There really isn't any way to get around the need to expose a significant amount of financial data with the institution. With SSIs, this wouldn't be the case. The applicant could instead generate a proof that they have a minimum net value at a point in time, required to qualify for the loan, all while never revealing the actual balances or assets held in their portfolio. The lender is secure because these proofs are unfalsifiable, and the borrower stays in complete control of their data.
Inevitably, there will be times where the actual information itself is necessary to reveal. Take medicine, for example. A medical professional likely needs explicit information about the patient's history, but in this situation SSIs can be extremely valuable too. An individual can choose to reveal the specific information to their caretakers, all while keeping parameters on what is revealed and for how long. Patient's are no longer open books to all medical organizations, instead they decide who can see what and when.
The overall point here is that a much more comprehensive and secure system of digital identity is needed moving forward. $8 blue checks simply won't cut it, and users are clearly demanding more. Thanks to decentralized technologies, a true system of verification, that also accounts for privacy, is now possible. This is where Elon Musk and other industry leaders should be turning their attention, because it's exactly what their user bases deserve.