Issue Fraud-Proof Credentials Efficiently

If an organization like a university or training program is issuing credentials, they can do so securely by making credentials fraud proof. Fake diplomas are a billion-dollar industry and it’s very easy for people to forge a certificate. This creates many risks for companies and impacts people’s safety as many people who get fake credentials work in health care or more risky field work operating heavy machinery. Even back in the 80s, there were approximately 5,000 fake doctors in the US and it is now believed that there will be many more.

By using decentralized identity technology, organizations help prevent fraud to ensure that you are hiring qualified people with authentic credentials. Let’s say a company is looking for a project manager and they have a practice of hiring efficiently to get the best candidates. Many organizations take a long time to recruit and verify the credentials of candidates resulting in them losing out on great prospects as high-quality applicants often get multiple offers.

Here is how the company leverages decentralized identity technology to hire efficiently:

  1. Mary, the job applicant, manages her decentralized identity and Verifiable Credentials on her phone with a Dock Wallet and wants to apply for the company Naturellica looking for a Senior Graphic Designer.

  2. Mary's University issues her Bachelor of Design as a Verifiable Credential that she stores on her digital wallet and this credential can’t be faked.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5441969268a1a84f2ffe8_1-decentralized identity university degree.png

  1. The company makes a job offer and they just need to check that her certificate is authentic. HR requests to view Mary's credentials and starts the verification process with this QR code that Mary can scan:

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5443e33454c221432968c_2-decentralized identity verification QR code.png

  1. Mary scans the company's QR code to start the verification process.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e544de513b2da6a153816d_3-decentralized identity presentation request.png

  1. Mary selects the relevant credential to verify.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5452133e0fccc4662a783_4-decentralized identity select credential.png

  1. Mary can select which parts of her credential she wants to share rather than showing all of the details on the university degree to maintain privacy.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5455b33e0fc1a74631976_5-decentralized identity select data to share.png

  1. The company instantly sees that her credential is authentic and they offer Mary the job.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5457395139874114d80d2_6-decentralized identity valid presentation.png

The traditional, manual verification process would normally take weeks to even months.

Decentralized Identity and Self-Sovereign Identity: What's the difference?

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/6326c7e51bedf7363fcfeff1_2-Self-Sovereign Identity pillars.png

The term “decentralized identity” is used interchangeably with Self-Sovereign Identity (SSI), which is an approach to digital identity that gives individuals control of their digital identities. The three pillars of Self-Sovereign Identity are:

A growing number of organizations in government and in the private sector around the world are leveraging decentralized identity technology, including the EU. As the world moves more and more towards Web3, which is the next evolution of the internet, an increasing number of people will take back control of their data through decentralization and blockchain.

Problems and Risks With Centralized and Federated Digital Identity Systems

Centralized Identity Management: Administrative Control by a Single Authority or Hierarchy

Almost all of our digital identities are connected through services, devices, and apps.

Our personal information like our credit card, name, and address is being stored and shared on an increasing number of websites while our data is often used by websites to track people to display targeted content and advertise. As people access more websites and apps, the more accounts they have to create and manage, which creates a bad user experience.

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/6327a6122f95e91674d5266c_3-Siloed-identity.jpeg

Centralized systems often make digital identities vulnerable to cyber attacks and privacy breaches, including identity theft. Because so much user data is stored in one place, hackers could access a large amount of confidential information.

Federated Identity ManagementBecause of the problems that resulted from the centralized digital identity model, federated identity was developed. A federated identity allows authorized users to access multiple applications and domains with a single set of credentials like when people can use their Google or Facebook to sign into websites or apps. Signing in this way is also referred to as  “single sign-on” tools.

While this method of signing in is more convenient for people because they don’t have to create a whole new account, the main downside is that if your password gets stolen, all of the other sites you used with that single sign-on account could be exposed. You would have to trust both companies that offer single sign-on to protect your privacy and security as well as all of the third-party websites that offer these options to implement them correctly. In recent years, there have been several cases of Facebook and Google misusing information, including Facebook user data to manipulate people’s moods and Google employees leveraging their positions to steal, leak, or abuse data they may have access to.

More aspects of our lives require verification of our identities in order to apply for a mortgage, buy a car, or sign up for a new service. People have little to no choice but to surrender their privacy to use the things they want.

Thankfully, decentralized identity solutions can effectively solve many of these privacy and data breach problems. Decentralized identity gives people full ownership and control of their personal information and credentials.

Decentralized Identity Management vs. Centralized Identity Management

Decentralized identity management is a way of managing your online identity where you, the user, have control over your own personal information, rather than having it controlled by a central organization or company. This is different from centralized identity management, where a central organization or company holds and controls all of your personal information.

One of the main benefits of decentralized identity management is that it gives users more control over their personal information. With centralized identity management, users have to trust that the central organization or company will keep their personal information safe and not misuse it. With decentralized identity management, users have the ability to control who has access to their personal information, and can easily revoke access if necessary.

Another benefit of decentralized identity management is that it is more secure. With centralized identity management, if the central organization or company's security is compromised, all of the personal information of all of its users is at risk. With decentralized identity management, each user's personal information is spread out and not centralized in one place, so even if one user's information is compromised, it does not affect the personal information of other users.

Also, decentralized identity management is more private. With centralized identity management, users often have to give out a lot of personal information to the central organization or company, which can be used for targeted advertising or other purposes that the user may not be comfortable with. With decentralized identity management, users only have to share the personal information that they want to, and can keep the rest private.

高效地发布防欺诈凭证

如果像大学或培训项目这样的组织要发布凭证,它们可以通过使凭证防欺诈来确保安全。伪造学位是一个价值数十亿美元的产业,而且很容易伪造证书。这为企业带来了许多风险,并影响了人们的安全,因为许多拥有虚假证书的人在医疗保健或更危险的现场工作,操作重型机械。即使在80年代,美国就有大约5000名假医生,现在估计会有更多。

通过使用分散式身份技术,组织有助于防止欺诈,以确保您雇用具有真实凭证的合格人员。假设一家公司正在寻找项目经理,他们想高效地招聘最佳候选人。许多组织需要很长时间来招聘和验证候选人的资格,导致他们错过了许多高质量的申请者,因为高质量的申请者通常会收到多个聘用通知。

以下是公司如何利用分散式身份技术进行高效招聘的过程:

  1. 求职者玛丽使用 Dock Wallet 在手机上管理她的分散式身份和可验证凭证,并希望申请 Naturellica 公司的高级平面设计师职位。
  2. 玛丽的大学颁发了她的设计学士学位作为可验证凭证,她将其存储在数字钱包中,这个凭证无法伪造。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5441969268a1a84f2ffe8_1-decentralized identity university degree.png

3.公司提供了一个工作机会,他们只需要检查她的证书是否真实。人力资源从 HR 请求查看玛丽的凭证,并通过这个 QR 码开始验证过程,而玛丽可以扫描这个码:

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5443e33454c221432968c_2-decentralized identity verification QR code.png

4.玛丽扫描公司的 QR 码开始验证过程。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e544de513b2da6a153816d_3-decentralized identity presentation request.png

5.玛丽选择要验证的相关凭证。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5452133e0fccc4662a783_4-decentralized identity select credential.png

6.玛丽可以选择要共享的凭证部分,而不是显示学位上的所有细节,以保护隐私。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5455b33e0fc1a74631976_5-decentralized identity select data to share.png

7.公司立即看到她的凭证是真实的,并向玛丽提供了工作。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/63e5457395139874114d80d2_6-decentralized identity valid presentation.png

传统的手动验证过程通常需要数周甚至数月才能完成。

去中心化身份和自主身份:有什么区别?

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/6326c7e51bedf7363fcfeff1_2-Self-Sovereign Identity pillars.png

“去中心化身份”一词与“自主身份”(SSI)可以互换使用,这是一种数字身份的方法,使个人控制其数字身份。自主身份的三个支柱是:

全球范围内越来越多的政府和私营部门的组织正在利用分散式身份技术,包括欧盟。随着世界向 Web3 越来越接近,这是互联网的下一个演变,越来越多的人将通过分散化和区块链重新获得对其数据的控制。

集中式和联合式数字身份系统的问题和风险

集中式身份管理:由单一权威或等级控制

几乎所有的数字身份都通过服务、设备和应用程序连接在一起。

我们的个人信息,例如信用卡、姓名和地址,正在越来越多的网站上存储和共享,而我们的数据通常被网站用于跟踪人们以显示定制内容和广告。随着人们访问更多的网站和应用程序,他们不得不创建和管理更多的帐户,这会导致糟糕的用户体验。

https://uploads-ssl.webflow.com/6311eb97e2519f5dbb9ea0cb/6327a6122f95e91674d5266c_3-Siloed-identity.jpeg

集中式系统通常会使数字身份易受网络攻击和隐私泄露的影响,包括身份盗窃。因为大量的用户数据都存储在一个地方,黑客可以访问大量的机密信息。

联合式身份管理由于集中式数字身份模型带来的问题,联合式身份得以发展。联合式身份允许授权用户使用单组凭证访问多个应用程序和域,例如人们可以使用他们的 Google 或 Facebook 登录网站或应用程序。这种登录方式对人们来说更方便,因为他们不必创建一个全新的帐户,但主要的缺点是,如果您的密码被盗,使用该单一登录帐户的所有其他网站都可能会受到影响。您必须信任提供单一登录的两个公司来保护您的隐私和安全,以及所有提供这些选项的第三方网站来正确实施它们。近年来,出现了几起 Facebook 和 Google 滥用信息的案例,包括利用 Facebook 用户数据来操纵人们的情绪和 Google 员工利用他们的职位窃取、泄露或滥用他们可能访问的数据。

我们生活的更多方面需要验证我们的身份才能申请抵押贷款、购买汽车或注册新服务。人们别无选择,只能放弃他们的隐私,以使用他们想要的东西。

幸运的是,分散式身份解决方案可以有效解决许多这些隐私和数据泄露问题。分散式身份使人们完全拥有和控制个人信息和凭证。

去中心化身份管理与集中式身份管理

分散式身份管理是一种管理您的在线身份的方法,其中用户拥有对自己的个人信息的控制权,而不是由中央组织或公司控制。这与集中式身份管理不同,其中一个中央组织或公司拥有和控制您的所有个人信息。

分散式身份管理的主要好处之一是它赋予用户更多对其个人信息的控制权。在集中式身份管理中,用户必须相信中央组织或公司将保护他们的个人信息并不滥用它。使用分散式身份管理,用户有能力控制谁可以访问他们的个人信息,并在必要时轻松撤销访问权限。

分散式身份管理的另一个好处是它更安全。在集中式身份管理中,如果中央组织或公司的安全性受到威胁,则所有用户的个人信息都面临风险。使用分散式身份管理,每个用户的个人信息都分散在多个位置,而不是集中在一个地方,因此即使一个用户的信息受到威胁,也不会影响其他用户的个人信息。

此外,分散式身份管理更加安全。在集中式身份管理中,用户通常必须向中央组织或公司提供大量的个人信息,这些信息可能被用于定向广告。使用分散式身份管理,用户可以更好地控制他们的个人信息,并选择与哪些组织共享他们的信息。

分散式身份管理还可以简化登陆过程。在集中式身份管理中,用户通常必须创建多个帐户和密码,以便访问各种服务。使用分散式身份管理,用户可以使用单个身份验证,从而简化了整个登陆过程。

总的来说,分散式身份管理提供了更好的安全性、隐私性和便利性,与集中式身份管理相比,它更加安全、私密和方便。