Blog
Events
Events
Top 3 Trends in Digital Identity: What’s New in Standards, Privacy, & Institutional Adoption
The identity landscape is shifting fast, and Privado ID is proud to be at the forefront of this transformation. From advancing privacy standards to tackling the practical challenges of large-scale adoption, the conversations are maturing, and so are the solutions.
We have been participating in various identity industry events, as well as various blockchain events (ETHDenver, EthCC in Europe, and most recently Devcon in Thailand). This report highlights three of the most relevant trends we noticed during the recent Internet Identity Workshop (IIW) in California a few weeks ago.
#1 - Credential Schema Standardization Gains Relevance
One important trend we noticed was the need to standardize credential format attributes such that organizations are not needing to re-invent the wheel when experimenting with digital identity protocols. At Privado ID we discussed the credential schemas work item we are leading at the Decentralised Identity Foundation (DIF), as well as the usage of abstract data models for interoperability across credential formats.
In particular we presented the “Basic Person” schema which is a schema to be used for KYC purposes in the Financial services industry and similar organizations requiring customer onboarding processes. The proposed credential schema standard was well received by the audience and we also received valuable feedback which we will be incorporating into a future update.
On Proof of Personhood standards: Kim Hamilton Duffy (Executive Director at DIF) discussed an associated white paper "Personhood credentials: Artificial intelligence and the value of privacy-preserving tools to distinguish who is real online" which she contributed to.
The paper discussed the importance of anonymity and how bad actors leveraging artificial intelligence could make the internet unusable. Standardizing proof of personhood credentials has therefore become very relevant and Privado ID will be collaborating to joint efforts to develop a credential schema standard, as well as contributing to define a specification for how to wrap a government issued id (such as a passport, aadhar document, or drivers license) with a zero-knowledge proof derived from it. This would constitute a “self attested” proof of personhood; the effort will commence in early 2025.
Standardized credential schemas will streamline adoption across industries, from banking to government services.
Privado ID’s collaboration in these discussions as well as our online schema explorer and builder, can help organizations that would like to use and customize these standardized schemas to their needs.
#2 - The Need for Privacy
Several of the panels and talks at the conference demonstrated that the need for privacy has been gaining importance over the last few months. In particular various participants pointed out that digital mobile drivers licenses (under the “ISO mdl” 18013–5 and 18013–7 standard) whilst helpful in enabling citizens to have new digital identities, are not optimized for privacy. There are several reasons for this but one of the key reasons is that this standard was made for citizen identification and the usage of privacy techniques (such as the zero knowledge proofs –ZKPs, that we offer at Privado ID) were not a prime concern during the development of these standards.
Some states in the USA (notably California) are resorting to having “dual issuance” in order to address some of the shortcoming of the ISO mdl standard; this means that the identity wallet carries both an “ISO mdl” credential and a “W3C credential” which allows for more flexibility. We think this trend reflects why the ZKP privacy technology with unlikability offered by Privado ID is perfectly positioned to offer citizens full privacy of their personal information and better flexibility in choosing which information to reveal to third parties.
It's important to emphasize privacy guarantees and data minimization, this is exactly what the Iden 3 open-source protocol that powers Privado ID provides.
One important session by Google Researchers demonstrated deep study of how to attempt to integrate ZKP privacy into ISO mdl, with the conclusion being that it was not possible without changing the underlying cryptography and submitting a new proposal to change the standard itself. Notably Privado ID offers native privacy with standard W3C credentials, Google Researchers confirmed that they had been looking at the iden3 stack used by Privado ID when conducting their research.
There were also important developments around the Digital Credentials API for physical presentation of credentials from a mobile device to a web browser using wireless communication over bluetooth which were demonstrated by Google. Privado ID will keep engaging with the industry to ensure that Zero-Knowdledge Proofs are also incorporated into these upcoming identity standards.
Also one interesting session by Christopher Allen (co-author of TLS and Self Sovereign Identity Pioneer) presented a talk based on his most recent article: “Did we stray away from the principles of 10 SSI?. He indicated that privacy is indeed a big concern, surveillance capitalism is becoming a bigger issue and recommended that ID technologies need better unlikability guarantees and stick to data minimization principles. We think the iden3 open source protocol which powers Privado ID can be a key tool for this.
#3 - Institutions and Governments are Taking Decentralized Identity to Production
Industry and government adoption of self-sovereign identity (SSI) has been increasing; one key example was a workshop session led by the US Department of Homeland Security which facilitated a workshop around discovery of platforms and standards organizations that can help create the following “Ideal Operational State”: A person can use a single digital ID to obtain access to all local, state, and federal benefits & services without having to revisit centralized locations and/or resubmitting paperwork with valid info already presently associated with that ID.
Decentralized identity is shifting from testing phases to real-world use, signaling a major step forward for scalable, privacy-focused solutions.
This vision aligns quite well with some of our objectives at Privado ID, we aim to facilitate government adoption of re-usable digital identity with privacy technology.
We also had a couple of interesting conversations with companies in the banking sector who indicated that they “are done with proofs of concept”, and that they are now ready to bring SSI solutions to production. This also resonates with our recent experiences helping both HSBC and Deutsche Bank experiment with the Privado ID ZKP technology to enhance the privacy of KYC processes. Banks are now more serious about bringing ZK-powered digital identity to live customers.
Conclusion: A Defining Moment for Digital Identity
Overall our conclusion from this conference is that the time for digital identity is now, and we are happy to be contributing to industry standards in order to move the conversation forward for the adoption of privacy powered digital identity.
If you are interested in learning more about Privado ID and the capabilities of our privacy first digital identity technology, please contact our growth team.
What’s Next?