Digital Identity is All Messed Up. That’s Why You Should Watch Out For uPort

digital_online_identity

The internet needs its own ID card to set things right.

Go around and have a conversation with any group of blockchain entrepreneurs and there is a high chance that at the very least, one of the blockchain entrepreneurs would talk about a new product or a service for internet users to protect and actually own their own online data.

Of course, all the privacy debacles in recent months haven’t helped matters either.

Technology companies such as Facebook and Yahoo along with others such as Equifax have shown people that they shouldn’t trust them with their data.

Those failures have successfully driven home the very true realization that any type of online consumers that has a smartphone device is actually nothing but a,

  • Browsing
  • Posting
  • Eating
  • Searching
  • Walking
  • Talking

fodder for technology companies and their machine learning algorithms along with advertising partners.

Some call them thieves.

But let’s reserve our judgment for a while.

Most people working in the blockchain industry have this idea that users are getting a rough deal for using free online services.

In other words, the modern online consumer does not control his/her data.

Moreover, online consumers don’t receive any kind of compensation from these technology companies and/or advertising agencies for giving up their data to them.

With all of that said, one can’t simply ignore the blockchain fever.

Blockchain technology is slowly managing to enter the mainstream, coincidentally at the very same time as online consumer adopt data sobriety.

That is the reason why some believe that blockchain technology may have an antidote to the online data privacy problem.

In fact, that is also the reason why we’re also seeing a reckless amount of decentralized software application that claim they are helping online users to drive some monetary benefit from all their online data.

Most applications make use of cryptographic technology like utilizing private-public key pairs in order to come up with projects and products that aim to enable users to control all the data that they produce as they are using digital services.

In fact, some of these projects even offer services like a marketplace.

Online consumers can go to these marketplaces and do some really novel things such as selling all their Yelp bookmarks, in exchange for money, to an advertising company or individual.

How much money are we talking about here?

Not much.

For some transactions like these, the user may earn a few bucks in the form of cryptocurrency coins.

But that isn’t what uPort is trying to do.

What is uPort?

People working behind uPort describe it an ethereum-based identity protocol.

And they aren’t looking to just provide online consumers a way to make money off their online data.

They are going for a much bigger piece of the pie.

In other words, uPort is not interested in answering questions that users typically ask.

Questions like:

“What is the best way of getting paid for all my data”.

No.

The team at uPort wants to answer questions like,

“What do I represent in the online world”.

The project lead and co-founder of uPort, Reuven Heck, is of the opinion that no one can answer such questions or problems with the help of nothing but just another application.

Why?

digital_ids

Because the creators of the internet did not build it with privacy in mind.

To put it in simpler terms, they did not embed an identity layer in the fabric of the internet.

Reuven recently said that measures where engineers tweak the crust of the internet (which he calls the application layer) simply did not offer enough to solve the problem.

Rather than doing that, Reuven said that someone needed to rebuild the internet at a much deeper level.

According to what Reuven told reporters, uPort is the identity protocol that will try to accomplish just that.

He said that the team behind uPort believed they had the technology which allowed them to build the solution as an extra horizontal layer across the entire internet.

No individual company would own or control this new layer.

This is the ambition that uPort is taking forwards as it tries to solve problems related to digital identity.

Readers should note here that, uPort isn’t exactly a new project when it comes to teams who are trying to rebuild the internet.

ConsenSys (an incubator and ethereum startup) had uPort as one of its oldest projects under the umbrella of blockchain software technology-based solutions.

Because of that, one has to regard uPort as one of the most rousing blockchain-based approaches that any company has used to rationalize online consumer’s insecure and essentially scattered digital identity.

Out With Internet of Things And In With the Internet of Digital Identity

One point that readers need to note here is that uPort has successfully managed to attract a rather remarkable amount of interest from all parties despite the fact that it hasn’t focused much on the end users.

Danny Zuckerman, who works as the head of strategy and operations at uPort, that the team at uPort simply responded to persistent calls from a major portion of the ethereum developer community.

What did the community want?

It wanted an identity system.

The community also made known its preference of having a decentralized identity system instead of just an identity system.

And if one thinks about it, that is one of the fundamental missions of ethereum, Bitcoin’s cryptocurrency rival.

Keeping in mind that background, the team working behind uPort made a decision.

The team decided that the best approach to what it wanted to achieve as to simply focus on developers.

And give them the tools to delegate the time-consuming task of taking user-specific online data and storing it on the blockchain.

Reuven pointed out that uPort had come up with a way where developers would only have to integrate a small amount of code into their application in order to make the whole thing work.

With that said, there is no guarantee that uPort will always remain hidden from online consumers and/or end users.

Some felt that developers behind uPort would want to bury the identity system deep in decentralized applications and their innards.

Zuckerman pointed out that the team behind uPort will provide end users with a lot of different methods to interact with the identity system.

Why?

Because, according to Zuckerman, uPort represented just an identity layer for the whole of the internet.

And since end users didn’t just make use of one single way to interact with the internet, the same would remain true for uPort as well.

But what does uPort mean when it mentions the term “identity layer”?

Well, in order to explain the term and what the team behind uPort mean when it says the term identity layer, Zuckerman started with ideas such as the top-down mechanism that is easily observable in the analog world.

In Zuckerman’s view, when we are talking about the analog world we’re actually talking about a system where it is the job of the government to define a given individual’s identity.

Moreover, the government only has a limited number of methods in order to do that.

Most of the time the government uses,

  • A driving license number
  • A social security number
  • Of course, the national identification number
  • And a password number

in order to give any individual an identity.

However, the specifics of these methods are dependent on the actual jurisdiction.

digital_identity

The majority of the people have one and sometimes two primary identifiers which are officially sanctioned.

In contrast, the online world is basically a free-for-all.

Zuckerman mentioned that the internet brought with it all kinds of online identity systems.

Typically, these came in the form of a username and a password.

To put it another way, the system of using usernames and passwords represented anything or any place where the user had agreed to identify who he/she was and then proceeded to create an account.

And since the system was so simple to implement, it resulted in a proliferation of such methods and resulting identities.

He further added that such identity systems allowed companies and online services to have a lot of avenues to capture lots of data in lots of different places.

Most of the time, users had no control over their data.

For the vast majority of blockchain enthusiasts, such as system makes little sense if any.

But then there is the fact that all the multiple identities that users have these days, present a serious challenge to the user’s themselves when it comes to juggling them and keeping them safe.

That is just one reason why most users go through at least one security slip up every year or so.

So, people in the blockchain community have already convinced themselves that having multiple identities for various online services does not make sense.

Of course, the other solution, allowing a centralized and single party to take over the end user’s digital identity is, in no way, an ideal situation either.

uPort tries to stay clear from both of these approaches.

Instead, it has the idea that the user himself/herself should have the responsibility of holding and, in cases of need, sharing their online data that is associated with their online identities.

The team behind uPort wants to do that with the help of cryptographic protocols.


The same one that allowed users and companies to control cryptocurrency but without any need of a single large third party.

Plenty of people in the blockchain community frequently call this goal of uPort’s as self-sovereign online identity.

The Space Is Already Crowded

As alluded to before as well, uPort is not the first and neither will it be the last project that is working towards the objective of offering self-sovereign identity systems with the use of blockchain technology.

In other words, uPort already has a ton of competition.

But the most prominent example of what uPort has to beat is probably The Sovrin Foundation.

This is the same foundation that has given the online world Project Indy.

What is Project Indy?

Rather than a single tool, Project Indy represents a set of online identity tools.

The Hyperledger consortium launched Project Indy sometime last year.

Project Indy is a bit different from uPort in the sense that instead of being permissionless and public like uPort, it is more of a hybrid than anything else.

In other words, with Project Indy, anyone is free to view the ledger.

However, if anyone wants to write to the ledger then he/she has to require permission.

The other contrasting point between uPort and Project Indy is that Project Indy has already planned to offer an ICO.

There is also Civic.

It also has plans to start fully rolling out the company’s own identify platform sometime late in 2018 on RSK.

What is RSK?

RSK is a Bitcoin-based layer-two smart contracts platform.

Using the platform, Civic managed to raise a total of $30 million via its own ICO.

Some big-name players from other industries such as Accenture and Microsoft have also unveiled their own identity prototypes which make use of a permissioned and private version of the decentralized platform we know as ethereum.

On the other hand, developers present on the public ethereum network have already begun work on coming up with a standard for, what the community is calling, tokenized identity.

The community is calling it ERC-725.

uport_identity

Fabian Vogelsteller is actually spearheading the standard.

For those who don’t know, Fabian is also the creator of another standard known as ERC-20.

ERC-20 is the same standard that successfully managed to power an early boom in various crypto token crowdsales.

The last player we want to discuss here is Digital Bazaar.

Or rather the team working behind Digital Bazaar.

Digital Bazaar also has started its work with a standard body known as World Wide Web Consortium.

Recently Digital Bazaar launched its own Veres One.

What is Veres One?

It is an identity solution that is based on the blockchain technology.

Readers should note that currently, Digital Bazaar has only launched Veres One’s experimental testnet (similar to a cryptocurrency software) version.

It has many similarities to uPort.

For example, both are permissionless and both are public.

Veres One also doesn’t have a token of its own.

But uPort is based on ethereum while Veres One is actually a freestanding blockchain.

By now, readers should have a clear idea that the blockchain-based identity market is filling up pretty quickly.

And because there are so many competing and divergent standards and products, it creates a certain risk.

What is that risk?

The risk is that all these competing blockchain-based identity systems will once again recreate the problems of the current system.

Those problems come in the form of digital identities being siloed and fragmented.

Of course, people developing these projects have an awareness of these risks.

That’s why the team working behind digital identity systems such as uPort have already started work with various standard bodies in order to try and eventually build a system that is interoperable.

Let’s take, for instance, uPort.

Recently uPort announced that it had managed to join the Decentralized Identity Foundation.

The Decentralized Identity Foundation already boasts some big names such as Accenture and Microsoft.

There are many other members as well.

uport-identity-system

Each member in this group is trying to develop a standard to solve problems such as siloing and fragmentation.

Reuven from uPort, made an effort to underscore the significance of interoperability.

He did that by citing other examples such as,

  • Facebook Messenger
  • WhatsApp
  • WeChat

According to Reuven even those all of these messaging services and apps have impressive userbases.

But they still have not managed to replace the old and reliable email.

What is the reason for that?

Reuven continued his answer and said that he considered email as the only universal service.

Email worked across the entire world.

Reuven further added that users could send emails to anyone and from anywhere in the world.

According to Reuven, each product and service has something to offer that is compatible with other services and products already on the market.

Furthermore, he said, that trying to come up with a service all on your own was actually bad business.

Reuven added that digital identity solutions and products that have this thinking that they have a lead over their competitors because they entered the market at an earlier stage than others will now win if such products and services insist on not joining a standard.

Roadblocks

At this moment in time, no one has answered the question of what would happen to a given online consumer who managed to lose his/her private key?

Remember, under a digital identity system if a user loses that then presumably the user would also lose any sort of control over his/her digital identity.

This is a problem that uPort has given some thought to.

And has also explored some solutions to it.

As its starting attempt, uPort might enable a feature where the user may designate friends who are able to collectively vouch for the user who lost his/her private key.

That way the identity system could take a new public key and transfer all of the data belonging to the lost ID to it.

There are many other roadblocks to identity systems.

But even with those, uPort has not really faced any problems in getting closer to its main goal.

And what is its main goal?

Its main goal is to somehow convince all the developers to utilize the uPort platform within their application.

 

Zohair

Zohair

Zohair is currently a content crafter at Security Gladiators and has been involved in the technology industry for more than a decade. He is an engineer by training and, naturally, likes to help people solve their tech related problems. When he is not writing, he can usually be found practicing his free-kicks in the ground beside his house.
Zohair

COMMENTS

WORDPRESS: 0

Digital Identity is All Messed Up. That’s Why You Should Watch O…

by Zohair time to read: 10 min
0