The recent Facebook Data Breach by Cambridge Analytica spurred millions worldwide to raise concerns about identity security.

Both Facebook and Google offer free services in exchange for user data, and this is largely open to misuse.   For example, did you know when you use social sign in (sign in to a new site using your Facebook login) this opens a whole new level of data that Facebook can then track?

Emerging technology known as Blockchain could be a game changer in terms of identity protection.

So maybe hold off on shutting down your Facebook account for a while (at least maybe stop using social sign in on third party sites), and read on because there could be a solution just around the corner.

New tech called “Federated Identity” provides a single credential for users, and is being used to sign in across the web.  Understandably in this post-Cambridge Analytica world, it’s now starting to gain traction globally.  But how do you know your data is secure with the handful of identity brokers offering Federated Identity?  Imagine the data they would have access to using the one identity login for all website activity?  It’s a veritable gold mine of data.

Blockchain could work to shift control back to the individual.   If you’re unsure what Blockchain is, check my previous introductory article on the subject here https://pjtaccountants.com.au/blockchain/

Online, users need their own digital identity with a level of privacy and control over the sharing of data, but enterprises need to identify and authenticate customers whilst building a data profile which complies with privacy regulations.

Blockchain is a distributed database which allows untrusted parties to agree about shared data with no middleman.

If such a shared digital history was an identity management system – it could very well shift the power towards the user, and away from enterprise.

One such solution from uPort, offers a mobile wallet built on top of a public blockchain. The wallet allows users to control access to their identity and tokens. Currently uPort is trialling the tech in the city of Zug, Switzerland to register identities on the Ethereum blockchain.

Another tech startup called Blockstack aims to reinvent internet privacy using individual’s identities as the platform’s foundation.  Users will be able to control their identities, issuing and revoking access on a case by case basis.

A different type of tech uses Identity Attestation – instead of users setting up their identity, they would instead verify pre-existing credentials (like a driver’s license or birth certificate) and this information would be tied to the rightful owner on a blockchain, creating a decentralized database for traditional forms of identification.  Companies using this approach include SecureKey, who is launching a new product called Verified.me to help banks prove user identification.  Currently the organisation is working with IBM on a trial with Canadian Banks.

What’s the hold up with this technology?   Mainly many Governments and organisations don’t want it because it removes them from identity management and shifts the balance of power towards the user.   So the adoption rate of this tech is still painfully slow.

Isn’t it time we built a new internet, with the focus on user control and privacy?   It comes at a cost however, because currently many individuals are opting for free systems at the cost of providing their identity and usage data – most interested in the digital identity which will give them the widest recognition and the highest value.  Switching to blockchains will come at a cost and until the uptake by enterprise peaks, we’ll still have limited network access.

We’re tracking global trends on blockchain tech and will keep posting updates as the technology improves and traction builds.

Meantime, maybe don’t share everything in your life with Facebook.