Survey of Online Identity Management Techniques on Blockchain

Survey of Online Identity Management Techniques on Blockchain

Monica Gahlawat (L. J. Institute of Computer Application, India)
DOI: 10.4018/IJSPPC.2020100102
OnDemand PDF Download:
Available
$37.50
No Current Special Offers
TOTAL SAVINGS: $37.50

Abstract

Secure identity management is one of the controversial topics in the cybersecurity landscape. The user needs to rely on third-party providers for managing their personal information, which is a big security concern. Traditional identity systems typically suffer from single points of failure, lack of interoperability, and privacy issues such as encouraging mass data collection and user tracking. Blockchain technology has the potential to support novel data ownership and governance models with built-in control and consent mechanisms, which may benefit both users and businesses by alleviating these concerns. Blockchain-based systems provide the possibility for their users to insert their data in this distributed ledger. Users can trust the blockchain as it is leveraging consensus mechanisms to validate and gather the transactions in immutable blocks. The transparent and decentralized nature of the blockchain network enables the development of a non-refutable and unbreakable record of data, which is the fundamental feature of many applications, such as identity management.
Article Preview
Top

Introduction

The advent of the internet catapulted us into the digital world, and for the past several decades, our identity has become more and more fractured and superfluous with each new service provider and authority. An online or internet identity is an identity that a user establishes for the other users i.e. social networking sites or for the other websites for proving his/her identity i.e. KYC(know-your-customer), Employment, paying and collecting taxes, etc. Figure 1 is explaining the sectors where identity proof is required. As digital forms of identity are required to conduct our lives, it is becoming clear that identity proofing is incompatible with the ways we transact and behave across digital and physical worlds. The mandatory processes used to verify, authenticate, and manage an identity throughout its life cycle are cumbersome and repetitive, requiring manual data reconciliation and validation process in the background. For individuals, this fragmented process leads to daily frustrations with countless usernames, forgotten passwords, ID documents, and time wasted waiting to be verified and authenticated to complete a task such as gaining access to a building, boarding a plane, getting a job, etc. (We Forum, 2018).

Figure 1.

Organizations where an individual need to prove the identity

IJSPPC.2020100102.f01

Identity is an equally challenging problem for organizations. Most identity- related industry practices and standards are developed and implemented based on industry-specific contexts. The financial service industry has near-complete coverage of users., then also identity mechanisms and capabilities in the sector are still hampered by inefficiencies and costly manual processes (e.g KYC). KYC is often conducted for the same identity multiple times as financial institutions are not designed to “trust” each other and their data. This repetition exists even within the same institution across different lines of business. Similarly, identity is not accepted and trusted across borders. Existing customers often find it difficult to open a bank account with the same institution in another country.

Not only proving, but also retaining the digital identity is an issue. Stealing identity information from social media sites is a very common form of identity theft. Typically it involves taking a user’s publicly available data such as addresses, phone numbers, gender, date of birth and photos, and using them to create fake online identity for the purposes of harassment or fraud. It’s hard to get definitive data on the problem, but some reports suggest that identity theft accounted for 77% of financial fraud cases in India in 2015 (Conversation, n.d.). In Australia, the government estimates the annual cost of identity crime to be A$2.2 billion. In 9% of cases, the personal information of victims was stolen from social media. Identity fraud represents 53% of all fraud in the United Kingdom, with 86% of identity fraud cases enabled via the internet.(Conversation, n.d.). The identity frauds are not limited to financial theft but various honey traps are recorded using social media websites to pretend someone else to get the confidential data from the army people. Figure 2 shows the survey report conducted in April 2020 which shows the fraud trends and the amount of money lost because of these frauds (Tedder & Buzzard, 2020).

Blockchain technology is best suited for digital identity as it is a decentralized and public ledger, in which the data is stored in the form of immutable blocks and the current block stores the address of the previous block to create a chain. As such, the Blockchain contains an un-editable record of all the transactions made. The transparent and decentralized nature of the Blockchain network enables the development of a non-refutable, and unbreakable record of data, which is the fundamental feature of many applications, such as identity management. The person who creates a digital identity using blockchain technology is provided with a private key and the blockchain contains the public key. The user can access the data with the combination of the private and public keys. if any intruder pretends to be someone else, he /she will not have the private key and can be detected on the spot. The paper is presenting a survey of various blockchain-based digital identity provider platforms.

Complete Article List

Search this Journal:
Reset
Open Access Articles: Forthcoming
Volume 13: 4 Issues (2021): Forthcoming, Available for Pre-Order
Volume 12: 4 Issues (2020)
View Complete Journal Contents Listing