How Blockchain Could Change The Management of Identities and Passwords and Prevent Occupational Fraud. Potential Problems with SSI.
Solving the issue of hacked data
For a transaction to be valid on a blockchain network, a party initiating the transaction needs to have access to a wallet, to a private key, and a public key. Applied to identities, this means two very important things with huge implications. The first one is that simply having identity data would not be enough to cause damage. Today hackers can steal personal information and credit-related data from Equifax and then use the data to open new bank accounts, apply for credit, and so on. With blockchain-based identities this would be not possible because information about an identity is only a part of what is necessary to conduct a transaction.
The second consequence is that because on a blockchain network transactions are peer-to-peer, there would be no central point of data storage that hackers could attack to gain access to the information. The network would be decentralized with no intermediaries to hack.
With SSIs, it would be possible for websites to check the legal age of their visitors without accessing other sensitive identity information such as name or even birthday date and month. People would be able to show their credit score, prove that they work for certain employers, are citizens that have rights, all without revealing fully their sensitive personal data. Pharmacies could verify the identities of their customers without actually knowing who the customers are and so on.
Blockchain-related problems with self-sovereign identities
Using self-sovereign identities on blockchain networks is very different from how things have been done in the past by individuals, governments and organizations. Switching to SSI would come at costs of several types. Organizations would need both change internal systems and educate their employees.
Another problem is the problem caused by the decentralized nature of blockchains. Decentralization means that a blockchain stores the information on the computers of the members of the network. While a blockchain can have several tiers of users, users in a tier are all equal. There is no central server, no central point of information origination, but also not official support, no phone number to call, email address to send a message to or chatroom where a person could ask a representative a question. With Bitcoin and most other cryptocurrencies this means that if you send funds and later change your mind, there is nothing you can do about it. If you somehow lose access to one of your private keys, you will not be able to use the funds and there will also be nothing that you will be able to do about it.
Obviously, a scenario in which a person loses his or her identity and can do nothing to recover it would not be acceptable. For this reason, SSI networks would need a solution similar to the “recover password” functionality of modern websites.
Introduction to Network Effects
Another issue with SSIs has to do with network effect. Network effect means that when something starts becoming popular, it gets better. For example, the more people use Google to look for information, the more website are interested in getting indexed by Google, which, in turn, means that the user experience when searching for information will be better. Because the user experience will be better, people will be coming back to use Google, which for websites means that if they want to be discovered, they need to be indexed by the website, and the loop continues. The same applies to social networks such as Facebook and LinkedIn. The more friends you have on Facebook or business connections on LinkedIn, the more you are interested in getting and keeping an account on the platform and the harder it will be for you to leave. The same is true with identification and digital identities. If just one place that you visit wants you to have a new form identification, you may or may not obtain in, but if all places of business in your area were to start accepting a new form of identification, you would be very likely to get this ID.
Not only that, but technology companies in the modern age that get data from users on their platforms can then use the data to improve their performance. For example, the more data Google has about the behavior of its users, the better job it can do at determining which websites and search results are relevant and which are not. The more data Facebook has about the interactions of its users with content and with each other, the better job is can do about providing users with positive experience while using the platform. The same applies to blockchain networks: the more users and data a network has, the more effective and efficient it could be.