How Blockchain Could Change The Management of Identities and Passwords and Prevent Occupational Fraud. Introduction to Self-Sovereign Identities.
How SSI identities work
With SSI identity, any verifying party needs to be able to check four things: the issuing party, the party to whom the credential was issued, modifications to the credential and its current status (active/revoked/suspended/etc). Another difference between an SSI identity and a regular third-party identity is that because the SSI is a two-party identity, any person or organization can issue a verifiable credential. However, this doesn’t mean that people will have meaningless credentials because at the same time, any person or organization can choose which credentials it accepts. For example, an organization can decide that it will only accept credentials issued by somebody from the organization. In an industry such as healthcare, service providers can form an alliance and agree to accept credentials issued by the members of the alliance.
Because transactions on blockchain networks occur very quickly, the party checking a credential will know right away if the credential is valid or not. However, just like in the real world, when a credential is not valid, you will still have access to it and be able to use it, just like you can use an expired driver license in certain states to prove your age and identity even though you can’t use it to drive a car.
Misunderstandings about SSIs and benefits of SSIs
There are two most common misunderstandings about self-sovereign identities. The first one is that such identities can’t be useful because they can include self-asserted claims and certificates. The second one is that their usefulness is extremely limited because there are only two-parties involved in a transaction. In reality, these issues are not issues at all because SSIs can function in the area between these two misunderstandings, meaning that an organization may choose to accept only the credentials that it has issued in the first place. A government can also be such an organization. This is exactly how things work today. When a police officer stops your car and asks you for identification, you show the police officer, who is a government employee, a driver license, which is a government-issued identification. When you log into your online banking portal, you use the credentials that you have obtained from your bank.
Even if you just replace the current systems for identity and password management with blockchain-based systems, you will still receive a number of benefits. First, blockchain technology has stronger security and authentication because instead of shared secrets stored on a server, a blockchain network uses cryptographically secure decentralized data.
Second, because of the stronger security, blockchain-based identities can provide users with a better user experience. Because authentication on a blockchain network can occur seamlessly, you can open a portal and access your account without having to sign in, provide passwords, or answer a seemingly endless array of questions about your birthday date, mother’s maiden name, address, zip code, last transactions, and so on.
Third, authentication on blockchain networks is a two-way process. It is not just a portal or system that verifies you. On your end, your wallet also verifies the legitimacy of the system on the other end. This helps prevent phishing and all types of misrepresentation when somebody contacts you pretending to be your bank, the government and so on.
In addition to regular software authentication, on a blockchain network it is possible to use a hardware wallet in addition or instead of a software wallet.
A hardware wallet is a physical device that you can attach to a computer, smartphone or tablet. There are different brands and types of hardware wallets. Some of them look like memory sticks. Others look like external hard drives. Most hardware wallets available on the market today have a screen and two physical buttons that you can push. One button approves a transaction and the second one denies or cancels the transaction. The reason for the screens and physical buttons is simple: even if a hacker gains access to your computer or mobile device, the hacker will not be able to do anything with the information you have on blockchain because the information is cryptographically secure and to perform any action with the information, a physical push of a button is needed and this is not something that can be done virtually.
When you use a hardware wallet, all the transactions actually happen on the hardware of the wallet, and not on your computer or mobile device. This means that even if your computer is infected with a virus, you will still be able to show proof of identity securely using your hardware wallet. The biggest disadvantage of hardware wallets is that they are not free. In most cases, blockchain software is open-source and free. As its name clearly indicates, a hardware wallet is a piece of hardware that someone had to create and if you want one, you will have to buy one.