Biometrics and blockchains: Why identity matters [part 2]

Soon after the release of the Bitcoin protocol, many people realized that blockchain transactions can house more than just “coin” transfers – they could represent birth certificates, property deeds, academic credentials, etc. They could be used to record almost anything so that the information attached to a transaction (e.g., via OP_RETURN operands) was highly available, decentralized and tamper-evident. Some would say “immutable,” instead of tamper-evident, but I agree with Angela Walch that immutable is too strong a claim for almost all blockchain platforms – particularly those that have already undergone hard and soft forks.

One of the most common new applications for blockchains is digital identity. Today, your passport, driver’s license, birth certificate and other forms of identity are recorded primarily on paper, kept on your person or in filing cabinets in your home or office. Although many of these documents have been scanned as digital images, the metadata associated with these documents is sparse. Over a dozen projects now underway hope to solve this problem by issuing identity credentials via blockchains such that they are highly available, decentralized and tamper-evident. Some of these projects include:

• Blockstack: Formerly known as “onename,” transactions are recorded on the Bitcoin blockchain to associate an identifier (i.e., a symbolic name) with a local identity stored on your laptop or mobile device.

• Sovrin: A permissioned, decentralized identity network based on Hyperledger Indy, an open-source distributed ledger technology. The non-profit Sovrin Foundation has launched the Provisional Network consisting of independently-operated nodes.

• Veres One: A blockchain-agnostic method for representing decentralized identity credentials based on the W3C Community Group’s work on Decentralized Identifiers (DIDs) and DID Documents.

• uPort: A decentralized identity platform built on Ethereum.  It provides an open-source SDK for mobile development and authentication for many programming languages.

One goal of all of these projects is to enable self-sovereign identity (SSI) transactions like two-party authentication: you provide your credentials to a resource owner directly (e.g., the relying party (RP) or service provider (SP)). Existing protocols like SAML and OAuth require three parties: you, the resource owner and the identity provider (i.e., “Login with Google”, “Login with Facebook”, etc.). Two-party authentication allows you to use blockchain-based credentials to enroll and authenticate with websites without the need for 3rd party identity providers during an authentication session. Identity records on blockchains may be issued by an authority (e.g., a government), but they are controlled by each individual user. Control means that the private key(s) of the credentials are held by the user, not the issuing authority. Self-sovereign identity is an empowering concept, but many critical issues remain problematic:

Revocation

Identity credentials on blockchains may need to be revoked at some time in the future. For example, a driver’s license may be revoked by the DMV due to driving infractions. Verifying that a credential is valid may require validating a digital license credential and checking a list of revocation records as well.

Delegation

Use of credentials may be delegated. For example, issuance of a child’s passport may require presentation of that child’s digital identity by a parent or guardian. Delegation can be attenuated to specific privileges, capabilities, and time.

Minimization

The purchase of alcohol in many countries requires a “paper” form of identity, such as a driver’s license or passport, to verify proof of age via birthdate. But this method divulges too much information because all the clerk needs to know is verify the “claim” that you are of age or not. The W3C Verifiable Claims Community Working Group is tackling protocols and formats for expressing and sharing such claims via self-sovereign identity platforms.

Recovery

Most approaches to self-sovereign identity require ownership of private keys associated with identity credentials issued via blockchains. Such keys can be kept on USB tokens, mobile phones, or paper form.

The recovery issue seems the most difficult to solve: what happens if I lose the mobile device, token, slip of paper or forget the passphrase associated with my private key? Early public-key distribution systems had similar problems and failed to scale because keys could not be shared, revoked or recovered without a trusted but centralized infrastructure. Blockchain technologies promise to solve these problems via novel, decentralized key distribution systems within and across various blockchain ecosystems.

Two approaches have been proposed: social recovery and biometric recovery. In the case of social recovery, you recruit a handful of friends at enrollment time to attest to your identity and store pieces of your identity credential (or associated recovery credentials). In the case of biometric recovery, you can recover your identity credentials yourself but may require live evidence to prevent spoofing by bad actors. Friends come and go, but your biometrics are relatively stable throughout your lifespan. Thus, biometrics may be the foundational backstop to identity credential methods when used in combination with other methods including social, token and paper-based approaches.

This is the second of a three-article series on blockchain and biometric technologies. In the first article, I reviewed the motivation behind using biometrics and blockchain for online identity management. In the third and final article, I’ll discuss the requirements for a new idea – the “Horcrux protocol” –  that will securely link your biometrics and online identity credentials via blockchain technologies.