We live in a digital age in which technology is advancing at an exponential rate, our world is becoming digitized, and our personal information is linked to more and more apps, devices, and services. Our digital identities are increasingly prone to data breaches and misuse as our personal information is shared with every service provider we wish to engage with. Decentralized identity is an emerging concept becoming more popular for online consumers by eliminating the need to pass personal identifiable information (PII) to an ever-increasing number of companies. However, in practice, decentralized identity has only existed for a handful of years, and its potential is still being discovered. So how did we get here?
Conventional Centralized Identity
Online identity has evolved since the creation of the internet and taken many forms in its relatively short lifespan. Initially, we saw the rise in popularity of conventional siloed identity, in which a centralized authority (service provider, retailer, government agency, university, etc.) gathers and stores PII for every user account in its system. The problem here is that as we created more and more online accounts, each with their own usernames and passwords, more of our personal data was being dumped into these massive databases.
As these centralized identity models continued to increase, so too did the size of the target on the siloed databases. Hackers recognized that these stores of data were ripe for the picking and it became apparent that the more accounts you had spread across the web, the more likely it was for your personal identity information to be compromised in a data breach. Centralized identity is still one of the most common digital identity models in use today, which has unfortunately opened the door to a continuous onslaught of data breaches. Even today, data breaches are up 17% since 2020 and our email address, social security numbers, bank account information, and more, are all vulnerable to exposure.
In addition to being risky, keeping track of dozens of usernames and passwords made digital identity management incredibly inconvenient. Let’s face it, when it comes to the security of our digital identities, and the manner in which data is exchanged, efficiency and urgency are key. Wouldn’t it make sense to be able to reuse one identity account with multiple sites and services? Thus, a new identity solution was created: federated identity.
Even if you’ve never heard of federated identity (FID), chances are you’ve encountered a federated identity solution before - anytime you’ve been asked to “Log in with Google.” This identity movement gave users the ability to reuse an account across multiple services and put a certain amount of control back in the hands of the user, especially with the rise of Facebook, Google, and other social media platforms. Beyond that, this approach helped usher in the paradigm shift from physical wallets to digital wallets, as our identities became increasingly linked to our mobile devices.
Apple Pay and Google Pay are two examples of this contact-less, mobile payment technology that placed identity credentials directly on a user’s device. Reducing the need to carry and use credit cards definitely added a level of security to the everyday transaction process, and was arguably more convenient, but it did not prove to be the best solution for protecting our digital identities. For one, it required users to place a tremendous amount of trust in the identity provider (Facebook and Google, for example, both of which have had major data breaches), taking control out of the hands of the users. Furthermore, reliance on a centralized service provider means acquiescing to the security and privacy policies implemented by that federation, which could be limited by device type or Terms of Service, for instance.
The natural solution to the security and privacy issues associated with a centralized digital identity is a decentralized identity. This identity solution has taken off in recent years as personal privacy and cybersecurity becomes even more important. Real-world credentials such as email address, social media accounts, government-issued ID, bank account and more can now be attested to, verified, and stored tamper-proof on a user’s device, and potentially shared and reused at the discretion of the user. Moreover, a user only needs to prove their identity once, establishing a verification that acts as a cryptographic key with each company they interact with.
A future built on decentralized identity opens the door for an ecosystem in which digital interactions are transparent, interoperable, and efficient. From proving your identity on a dating site to allowing businesses to complete Know Your Customer (KYC) requirements, all while reducing the chances of identity theft and fraud, decentralized identity will continue to play a major role in our daily lives.
The Bloom Solution
Bloom offers a solution for digital identity, user privacy, and risk assessment. In fact, Bloom was founded in response to the 2017 Equifax scandal, in which hackers gained access to the private information of 147 million US citizens. By developing the BloomID, Bloom gave its users the ability to create and control their own digital identities. More recently, with the release of OnRamp, our latest business-focused product, we are securely connecting enterprises to users by offering reusable, verifiable credentials to help enable compliance and risk assessment. This means that your personal information and financial data, used in risk assessment, are available to use on a decentralized platform without sacrificing your privacy.
At Bloom, we are giving you the tools to take back control of your data all with one simple app. No more centralized data storage. No more selling off your data to the highest bidder. It’s time to take back control of your data and unlock the power of a secure identity today. Download the Bloom mobile app to build a digital identity, monitor your credit, and get free data breach alerts with Radar! And then watch as new opportunities start to present themselves for use with businesses you interact with. Subscribe to our newsletter to keep abreast of the latest companies integrating with Bloom's mobile app.