Digital identity is information about an entity that is used by computer systems such as the internet. Here, an entity is not limited to a person and could also be, e.g., an organization, a device or even software. Since the beginning of the internet, digital identity has changed continuously. Starting as centralized identity silos, it has gradually evolved toward more and more decentralization, as outlined below.
1. Centralized Identity
Digital identity started with the centralized identity model where organizations establish point-to-point trust with each user. In this model, the organizations own and manage all digital identities, leaving the users themselves almost no control over their own digital identities. Since information is siloed, this model causes significant redundancy and inefficient storage of personal information. Storing and protecting personal information is also a liability that requires large operating costs.
2. Federated Identity
The next stage of the identity model is known as the federated or server-centric model where digital identity is shared between trusted organizations, enabling domain-to-domain trust. This model breaks the identity silos and reduces redundancy with, e.g., Single Sign-on (SSO). The federated model was promoted by the invention of several protocols, including Security Assertion Markup Language (SAML), OAuth and OpenID Connect (OIDC).
3. User-Centric (Mobile) Identity
In recent years, smartphones have emerged as persistent devices that can be digitally protected by, e.g., biometric information. This enables delegation of trust from organizations to mobile personal devices. In online banking, for example, SIM cards in mobile devices have been utilized as an identity tool for legally binding authentication and transaction signing.
4. Self-Sovereign Identity
With the rise of blockchain technology, the self-sovereign identity model has emerged as the most recent stage of digital identity. A blockchain serves as a decentralized and distributed tamper-evident log for digital identity and provides a common trust domain, known as the Identity Trust Fabric (ITF). This model enables users to fully control and manage their own personally identifiable information (PII) without the need for a centralized authority.