Decentralized identity technology aims to do much better, making users and their devices the sole authoritative sources of personal data by using digital identity wallets. These would function as if they were payment wallets, where a user could dole out as much personal data on request as they see fit to share in even more privacy-enhanced ways. Trusted issuers would lodge the data in the form of tamper-resistant verifiable credentials (VCs), and verifiers would have ways of retrieving and checking the sources of these VCs. Distributed ledgers serve to underpin issuer networks.
More robust protocols give consumers better control over their identities. Law told PYMNTS that all too often, individuals lose control of their online identities as they’ve become victimized in phishing attacks or account takeovers, a problem that has hit financial services providers especially hard.
“With the advent of FIDO and WebAuthn, you make the authentication simple,” said Law. “Instead of using an [one-time password (OTP)] text message, you use a fingerprint or your face.”
Moving away from the password and toward the single sign-on — with its federated approach across different web properties — still needs identity attestation (part of the Microsoft announcement), which in turn will require firms to consider their know your customer (KYC) processes.