Blockchain Can Put An End To Data Theft
20.10.2021

Blockchain Can Put An End To Data Theft

By bit.team

Most consumers in the past have put convenience above privacy. They rarely read the fine print or scrutinize technology before sharing information online.

Users don’t want to enter different passwords for each of their online accounts, or enter all their credit card information every time they shop online. Instead, they transfer ownership of the data to third parties, whether companies or government agencies. These data constitute the identity of the person concerned. However, when entering information, consumers almost do not think about it. Every organization and every body is involved in the identity management business, regardless of whether they are aware of it or not.

Have you ever read the entire Google Privacy policy from beginning to end? Or Amazon? You yourself give permission for the use of your personal data, and then stare at the monitor with an astonished face when you see them on sale on the darknet. Ninety percent of the leakage of such information is due to our stupidity and negligence.

Thanks to blockchain technology, data protection can again become more important and secure. Blockchain can control information and avoid duplication. This gives people back sovereignty over their data, and the ability to control it – regardless of where it is stored.

Self-assessment

The Illinois blockchain Initiative is an example. She launched a pilot project to preserve birth certificates within the blockchain. The goal is to create a digital identity that the user controls himself. They can be checked quickly and safely without the need for a central repository.

Self-assessment is not just a good idea. It will also put an end to a number of issues affecting consumer privacy. This also includes, for example, identity theft. Last year, 26.7 million people became victims of identity fraud in the United States alone – 1.3 million more than in 2020.

But these figures show only half of the story. Because often people themselves are completely unaware that their digital identity is under threat. At least until they try to buy a house or take out a loan, for example. Then your financial life will begin to collapse, and you will realize that everything is not all right.

The blockchain registry makes it difficult for cybercriminals to obtain identification data and thus wreaks havoc without leaving an obvious digital signature. The reason for this: each block of the blockchain is based on its predecessor. The cryptographic nature of these blocks makes it extremely difficult to change the information stored in existing blocks. The final data record is immutable, which means that changes to each individual identifier assigned to a person are recorded. This system prevents malicious actions by data administrators and, ultimately, makes identity theft more difficult.

People are taking responsibility again

The immutable blockchain registry protocol provides control over the information associated with the identity card. It also ensures the accuracy of the data over time. Since there is no generally accepted digital equivalent of autonomous identification, such as a passport or driver’s license, the user receives a unique set of identifiers for each individual application. The result is a vast network of private information that is difficult for users to track. Companies are also unable to properly protect this data due to inconsistent and deferred security measures.

With decentralized identifiers (DID) based on blockchains, users get full control over their data again. In fact, DiD are secret URLs (a unified resource index) that are stored in the block chain registry. Each DiD is assigned a separate part of the user’s identity – for example, name, date of birth or social security number.

Digital Wallet Application on a smartphone or desktop computer, allows users to grant third parties temporary access to the DiD of their choice. For example, when they sign up for a new app today, they usually need to provide their name, email address, and other information. With the help of DiD, the process is faster and safer: the application displays a QR code, it is scanned, and the digital wallet application automatically transmits the necessary DiD through a chain of blocks. After that, the user can access the application.

In addition, there are elements of identity that change. This includes, for example, phone numbers, job titles, and home addresses. They further complicate the privacy of an individual, since one identifier can be associated with more than one person at different times. For example, changing a name after a wedding requires updating a number of official documents, including a passport, driver’s license, social media accounts, bank accounts, and health insurance. It can take months to change all this. The whole process can be accelerated using DiD. As soon as the corresponding DiD is updated, the services accessing it automatically receive the updated information. This prevents incorrect information, and the whole process is done quickly and automatically.

Any innovative technology requires enough time to be accepted and widely used. TCP/IP, the concept and communication protocols underlying the Internet, existed for about 30 years before technology completely changed the retail and transportation industries. The idea of a sovereign identity that is stored as part of the blockchain is certainly very promising. However, the technology is still in its infancy.

What incentives do companies have to give up control over their customers’ identification data? Identification data managed by users themselves through the blockchain is not in the interests of organizations that use the information to develop new products and services based on it. Therefore, there must be an independent provider that creates a blockchain registry for identification.

However, before this becomes a reality, other technical problems need to be solved.

First: Is it possible that the data cannot be changed? Theoretically, the blockchain is immutable and will assume the role of a critical infrastructure. However, this idea still requires intensive testing before it can be implemented in real conditions.

Another point that needs to be clarified by users, companies and authorities: how can physical and digital identity cards be linked securely and accurately? Since the blockchain exists only in the digital world, the physical identity of the user cannot be verified and, therefore, guaranteed. Therefore, companies bear the burden of verifying, linking and controlling both.

Conclusion

These problems show that a strong data protection infrastructure is urgently needed. An important part of this is regulation. In the absence of legal precedents, organizations participating in the blockchain-based identification ecosystem will have to take on risk, uncertainty and unlimited responsibility. This requirement can significantly reduce the commitment of all participants.

Smart contracts, NFT tokens and other solutions open up many possibilities. What is needed is a reliable body that establishes certain legal norms and monitors their compliance. This should include, for example, rules regarding functionality, infrastructure for connecting the physical and digital worlds, as well as security measures so that consumers can enjoy basic protection. If all this is observed and implemented, data protection becomes a standard, not a relic of the past.