DID Components and benefits guide

We have already covered the concept of Decentralized Identity in other articles, but it is also important to understand the components that give it structure. In this article we explain the elements and characteristics of a DID (Decentralized Identifier).

What Is a Decentralized Identifier (DID)?

DIDs are a new kind of identifier that enables a verifiable, decentralized digital identity.

So, a DID is a person’s digital ID?

DIDs can be used to identify people, abstract entities, organizations, data models, and Internet of Things (IoT) devices, as determined by the controller of the DID.

Unlike typical IDs (the federated IDs), DIDs were designed to be decoupled from centralized registries, identity providers, and certificate authorities that normally have absolute control and power over such data.

The design permits the controller of a DID to prove control over it without requiring permission from any other party. DIDs are URIs that associate a DID subject with a DID document that provides for trusted interactions attached to that subject.

That way, every DID document can express cryptographic material, verification methods, or services, which provide a set of mechanisms enabling a DID controller to prove control of the DID. Services enable trusted interactions associated with the DID subject.

A DID might provide the means to return the DID subject itself, if the DID subject is an information resource such as a data model.

One of the most important things that DIDs bring is that they give control of their identity back to Internet users, empowering them.

These DIDs are authenticated by digital signatures that certify validity and provide security through cryptographic evidence.

In this way, both parties (individuals and organizations) benefit from a secure, private and decentralized exchange of information, taking advantage of Blockchain Distributed Ledger Technology or DLT.

What problems do DIDs solve?

Nowadays, as the digital universe advances, we have to provide data day to day to create profiles or simply to use applications, websites, etc.

But what happens to the data we provide? The existing technology of universally unique identifiers (UUID) and uniform resource names (URN) works with a centralized registration authority, which is not prepared to verify the ownership of the identifier cryptographically. This consistently leads to privacy losses, data theft and hacks, and other problems related to security flaws in those systems.

Instead of depending on a central authority to manage the user’s identity, a blockchain-based DLT serves as the source of all identifiers stored in the wallet. Identification data is not stored in the ledger, but in a wallet managed by the user, so that individuals own this data and can share different parts of their identity with different services at their own discretion.

What about using the DID Framework?

With the DID framework, however, users can store different accepted identifiers, like government or educational certificates and other personally identifiable information, in a secured and private digital wallet.

Unlike the centralized framework, users can present only the necessary information to any entity. Then these entities can verify that the proofs are true through a blockchain-based ledger. 

For example, suppose you are applying for a new job that requires you to prove that you have university studies linked to that industry, certifying your knowledge.

Using the decentralized framework, you can control what information is shared from your digital wallet to the online service.

You can provide proof that you have such a certificate without sharing any more data, and without going through tedious procedures or submitting piles and piles of paperwork to support it. The declared information can be corroborated in a matter of seconds.

Another great example of use is when we need to certify that we are of legal age. Using this technology, we can control what data we want to share from our digital wallet, so we could present proof that we are over 18 years old without having to reveal our date of birth or other data that is irrelevant to that process.

The DID Framework

The core draft, first published by the W3C, explains that a decentralized identifier is a simple text string consisting of three parts:

  1. The DID URI scheme identifier (stored on-chain)
  2. The DID method identifier
  3. The DID method-specific identifier

DIDs act as keys and DID Documents as values to describe specific data models to pull off cryptographically verifiable interactions with the identified entity in the decentralized ecosystem.

A DID document also contains a public key for authentication, so the owner of a DID document can prove ownership of it by using the associated private key.
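The three-part syntax and the proof of ownership described above can be sketched in Go. This is an added example, not code from the original article: the `Resolver` map is a hypothetical stand-in for DID resolution, Ed25519 is an assumed signature scheme, and the `did:example` identifier is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
	"regexp"
)

// DID syntax: "did:" method-name ":" method-specific-id (the id may contain colons).
var didRe = regexp.MustCompile(`^did:([a-z0-9]+):((?:(?:[A-Za-z0-9._-]|%[0-9A-Fa-f]{2})*:)*(?:[A-Za-z0-9._-]|%[0-9A-Fa-f]{2})+)$`)

// ParseDID splits a DID into its method name and method-specific identifier.
func ParseDID(did string) (method, id string, ok bool) {
	m := didRe.FindStringSubmatch(did)
	if m == nil {
		return "", "", false
	}
	return m[1], m[2], true
}

// Resolver (hypothetical) maps a DID to the authentication key in its DID document.
type Resolver map[string]ed25519.PublicKey

// Register creates a key pair for did and publishes the public half (constructed data).
func (r Resolver) Register(did string) ed25519.PrivateKey {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	r[did] = pub
	return priv
}

// Respond is run by the controller: sign the verifier's nonce, bound to the DID.
func Respond(priv ed25519.PrivateKey, did string, nonce []byte) []byte {
	return ed25519.Sign(priv, append([]byte(did+"\x00"), nonce...))
}

// VerifyControl is run by the verifier: resolve the DID, then check the signature.
func (r Resolver) VerifyControl(did string, nonce, sig []byte) bool {
	pub, found := r[did]
	_, _, valid := ParseDID(did)
	return valid && found && ed25519.Verify(pub, append([]byte(did+"\x00"), nonce...), sig)
}

func main() {
	r, did, nonce := Resolver{}, "did:example:123456789abcdefghi", make([]byte, 32)
	priv := r.Register(did)
	rand.Read(nonce) // fresh per attempt, so a captured response cannot be replayed
	fmt.Println(r.VerifyControl(did, nonce, Respond(priv, did, nonce)))
}
```

A response signed for one nonce fails against any other nonce, and a DID that does not resolve is rejected before any signature check.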

With conventional systems, identity data and certificates are difficult to prove online. While they can associate online profiles with a password or other authentication data, users cannot simply submit verified data.

Although identity systems have improved by introducing new methods of two-factor authentication (2FA), the essential problem of proving the identity of a third party persists.

Some of the key terms you should understand about DIDs

  • The DID concept refers to the document that incorporates the public keys of an entity (person or machine), and is structured to facilitate the discovery of these keys.
  • The issuer (for example: an Educational Institution, or the Government of a country) is the one who creates its DID with keys. It then writes the DID to the General Ledger and finally, with those keys, signs the Verifiable Credentials (e.g.: a degree or certificate of studies, a citizenship, or a passport).
  • The Ledger is a publicly accessible, immutable and decentralized repository, where the DIDs are stored so that they cannot be modified, but at the same time, it is transparent and easily verifiable.
  • The verifiable credential or VC represents, basically, the digital version of a document in physical format along with its characteristics and values.
  • The Holder is the owner of the certification, who receives the credential in their wallet.
  • The Verifier plays the role of recipient or final destination of the verifiable credential. Generally, it requests the holder to share the VC, and then verifies its authenticity by means of the issuer’s DID in the General Ledger, which shows in the database that the certificate is valid, and so completes the digital identity verification process.
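The issuer, holder and verifier roles above, as an added Go example that is not part of the original article: the `Ledger` map, the `Credential` format, the Ed25519 signatures and all `did:example` values are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"encoding/json"
	"fmt"
)

// Ledger stands in for the public registry: issuer DID -> public key, no personal data.
type Ledger map[string]ed25519.PublicKey

// Credential is a constructed minimal format, not the W3C VC data model.
type Credential struct {
	Issuer, Subject string
	Claims          map[string]string
	Proof           []byte
}

// NewIssuer creates the issuer's key pair and writes its DID to the ledger.
func NewIssuer(l Ledger, did string) ed25519.PrivateKey {
	pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
	l[did] = pub
	return priv
}

// payload is what gets signed: the credential minus its proof (json sorts map keys).
func payload(c Credential) []byte {
	c.Proof = nil
	b, _ := json.Marshal(c)
	return b
}

// Issue is run by the issuer: sign the credential with the key behind its DID.
func Issue(priv ed25519.PrivateKey, c Credential) Credential {
	c.Proof = ed25519.Sign(priv, payload(c))
	return c
}

// Verify is run by the verifier: look up the issuer DID, then check the proof.
func Verify(l Ledger, c Credential) bool {
	pub, ok := l[c.Issuer]
	return ok && len(pub) == ed25519.PublicKeySize && ed25519.Verify(pub, payload(c), c.Proof)
}

func main() {
	l, uni := Ledger{}, "did:example:university"
	c := Credential{Issuer: uni, Subject: "did:example:alice", Claims: map[string]string{"degree": "BSc"}}
	fmt.Println(Verify(l, Issue(NewIssuer(l, uni), c))) // holder presents, verifier checks
}
```

The verifier trusts only the key it finds on the ledger, so a credential that merely names a known issuer DID but was signed with another key is rejected, as is one whose claims were edited after issuance.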

The top benefits of decentralized identity:

  • Decentralized identity makes it possible to prove almost anything, and online services can trust this fully because of the process it goes through to prove validity. It ensures that everything is verifiable, accepted and trusted by online services.
  • Another great advantage is the time saved when updating data (for example, a change of address, or an apostille of credentials to make them valid in another country). With a decentralized identity, this would be reduced to a few minutes: it could be done digitally if we already have the necessary VCs loaded in our DID, and we would avoid paperwork, queues and absurd waiting times.
  • In addition, the decentralized identity offers greater privacy thanks to the features supported by the standards. The most prominent ones are:
  1. The Ledger: it ensures decentralization, and that no entity has control over the key infrastructure.
  2. Individuals can choose which Ledger and DID network to use, providing greater traceability.
  3. Consent is always required before sharing. The wallet user can choose exactly what to share, allowing partial credentials to be shared.

The future of Decentralized Identity

Although we do not yet have a decentralized identity that is accepted by the public and private sectors and whose acceptability and usability are “normalized”, we are inevitably moving toward it.

It is only a matter of time, we believe, before decentralized identity becomes fully exploited globally.
