A Framework for Identity

IDEO coLAB member Dan Elitzer explores a framework for digital identity using blockchain and other technologies.

May 28, 2016 at 4:14 p.m. UTC
Updated Dec 11, 2022 at 2:18 p.m. UTC

Dan Elitzer is a member of the IDEO coLAB, a shared platform to discover and act on the potential of new technologies, with current focuses on blockchain, digital identity, and IoT.

In this op-ed, Elitzer fleshes out a framework for how a digital identity system should function based on work performed by the IDEO coLAB team.

Identity

How do you identify yourself? Is it your name? Your email address? Phone number? Driver's license? Facebook account?

Last summer, IDEO coLAB brought together 25 students from top Boston-area universities — including Harvard, MIT, Tufts, and RISD — to design venture prototypes exploring the future of trust, transactions, and reputation. Before the program (http://bitsblocks.ideofutures.com/about), I hadn’t given much thought to the concept of “identity” or identity systems. But abstract concepts start to take shape and become more tangible when you run into them repeatedly. Over and over throughout the summer, we saw teams wrestle with identity-related challenges as they designed their ventures:
  • When you’re distributing digital tokens representing voting rights for community projects, how do you ensure there’s a real person behind each account?
  • How can a university issue digital diplomas that graduates can prove are authentic and belong to them?
  • In the event of an emergency, is there a way to automatically give doctors access to your relevant medical history, while keeping it secure and private at other times?

You can probably think of some fairly straightforward answers to those questions. But when you go to implement them, you quickly find that the solution either makes fraud trivial or introduces a level of friction that users won’t tolerate.

• • •

Our exploration of digital identity continued into the fall, and in October IDEO coLAB and the MIT Digital Currency Initiative (https://www.media.mit.edu/research/highlights/media-lab-digital-currency-initiative) co-hosted a workshop. Students and professionals collaboratively explored how blockchain technology might play a role in solving identity-related challenges in the financial services and health care industries.

To help guide discussion at the workshop, we developed a simple framework of the core functions of an identity system. During a concurrent project, the IDEO coLAB team made a few iterations. It’s not perfect, but we’ve found it useful for organizing our thinking and analyzing where blockchains and other emerging technology might be applicable:

Issue

Whether it’s the US government assigning Social Security Numbers or Google letting you select an email address, there needs to be a way to create new identities and assign identifiers.


Store

Identity data needs to be stored somewhere. Usually this is a private database with administrator-controlled access, but technologies like IPFS and Blockstack are examples of new models for data storage and retrieval.


Authenticate

Individuals need to prove they are who they say they are when attempting to assert their identity. This is done using one or more factors of authentication: something you know (a password), something you have (a mobile phone), or something you are (photo or fingerprint). For example, think of what happens when you present your driver's license at a bar or airport. The person inspecting it looks at your photo, then at you, to make sure you’re the person represented on the card.


Authorize

Once they’ve authenticated themselves, individuals are authorized to perform certain tasks. Whether it’s being able to access the transaction history for your bank account or being able to enter a bar, identity systems get utility from enabling you to take actions and interact with people or businesses based on knowing who you are or certain information about you.


Recover

Stolen wallet or forgotten password? Individuals need a way to regain access to their identity data, should they lose it.

(Note: This is often the part of the process where the usability vs security tradeoff is most stark — protecting an account with a random 32-character password and fingerprint isn’t much good if “recovery” can be done using your zip code and the last four digits of your social security number. Conversely, asking the average user to print a recovery key when they create their account is absurd.)
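The recovery tradeoff in the note above, as an added example that is not part of the original article: a small Python audit that treats login and every recovery route as paths into the same account and reports the weakest one. The factor names, guess-space sizes and the 80-bit floor are constructed assumptions, and the model covers only the security side of the tradeoff, not usability.

```python
import math
from dataclasses import dataclass
from typing import Optional, Tuple


@dataclass(frozen=True)
class Factor:
    name: str
    kind: str                          # "know", "have" or "are"
    guess_space: Optional[int] = None  # equally likely values; None = not guessable (assumption)


@dataclass(frozen=True)
class Path:
    name: str
    factors: Tuple[Factor, ...]

    @property
    def bits(self) -> float:
        """log2 of the guesses needed to pass every guessable factor on this path."""
        spaces = [f.guess_space for f in self.factors if f.guess_space]
        return sum(math.log2(s) for s in spaces) if spaces else math.inf


def audit(login, recovery_paths, min_bits=80.0):
    """Return (weakest path name, its bits, recovery paths below the floor)."""
    weakest = min([login, *recovery_paths], key=lambda p: p.bits)
    below_floor = [p.name for p in recovery_paths if p.bits < min_bits]
    return weakest.name, weakest.bits, below_floor


# Constructed sample data mirroring the note: strong login, two recovery designs.
LOGIN = Path("password + fingerprint", (
    Factor("random 32-char password", "know", 94 ** 32),  # 94 printable ASCII symbols
    Factor("fingerprint", "are"),
))
KBA = Path("zip + SSN last four", (
    Factor("zip code", "know", 10 ** 5),
    Factor("SSN last four digits", "know", 10 ** 4),
))
PRINTED_KEY = Path("printed recovery key", (
    Factor("128-bit random key", "have", 2 ** 128),
))

if __name__ == "__main__":
    for recovery in ([KBA], [PRINTED_KEY]):
        name, bits, weak = audit(LOGIN, recovery)
        print(f"weakest path: {name} ({bits:.1f} bits); below floor: {weak}")
```

The guess spaces are upper bounds: real zip codes and SSN digits are neither uniformly distributed nor secret, so the knowledge-based path is weaker in practice than its bit count suggests.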


Update

Users or administrators need to be able to add, remove, or edit attributes associated with an identity. Pieces of our identity information change over time: an address gets changed, a new degree is earned, a driver's license expires, etc. Digital identities need to evolve along with the people they represent.


Audit

How can someone check that your identity data is accurate?

In the context of regulated industries such as financial services or health care, identity data and the process by which it is recorded and accessed need to be auditable by relevant government institutions. For user-controlled identity systems like PGP, code is open source and trusted parties that host data (e.g., Keybase) ideally go to great lengths to enable public auditing.


• • •

From our experience, these are the core components of any identity system. Each presents its own unique challenges for system design and opportunities for creating better user experiences. How will the system be used? How might it be hacked or exploited? Is a universal digital identity system possible or desirable…and by whom?

We will continue to use this framework within IDEO coLAB as a starting point for our work around the future of digital identity, which we’re pursuing in ways both big and small. One example is the machine shop certification system we prototyped over one week – you can read about it here. Identity is also relevant for things, not just people, so we’ll be extending this theme in the context of our Internet of Things + Blockchain Fellowship (http://bitsblocks.ideofutures.com/iot-blockchain/) this summer.

We look forward to sharing more about what we’re thinking and doing in this space over the coming months. If you’re interested in learning more, visit our website and sign up for our newsletter.

Graphics by Reid Williams, whose collaboration on this framework has been invaluable. Thanks to Ted Ko, Reid Williams, and Piper Loyd.

This article originally appeared on Medium, and has been republished with the author's permission.

