Blockchain for Identity Management: Can a Case be made to Begin at Birth?
Published: May 2, 2019 by Dr. Pat Franks
Some of you may be familiar with blockchain technology because of Bitcoin (you can learn more about the basics of blockchain from this CNN post and Dr. Franks’ presentation), but it’s important to understand that Bitcoin was the first generation of blockchain technology, with only one use case: financial transactions. The second generation, ushered in by blockchain developer Ethereum, provides a platform on which distributed applications (d-Apps) and smart contracts can operate to allow an unlimited array of use cases.
Have you seen footprints of a newborn on a birth certificate? Or obtained a social security card for a youngster to start them on the road to saving for college? If so, you were witnessing the beginnings of the creation of a trustworthy identity for an individual. But the disparate records systems in place to record such events and the reliance on physical copies in many instances (e.g., submission of birth certificates for drivers’ licenses) result in unnecessary delays and additional opportunities for errors.
It’s time to consider creating a trustworthy digital identity at birth “on a blockchain” to register all important life events—such as birth, adoption, marriage, divorce, and death.
Vital Records Registration System
The vital registration system, also called the civil registration system, emerged in England in the 16th century. For governments at all levels, it is an important source of demographic data. For citizens, it contains a legal record of life events beginning with birth certificates and ending with death certificates.
In the United States, parents of a newborn may receive two different types of birth certificates: informational (created by the hospital and provided to the parents) and certified (the official record of birth issued by the state’s records office). This last type of certificate is an acceptable form of ID that can be used to obtain other legal documents, such as a social security card, driver’s license, or passport.
While there are differences across states in the US, at a minimum official birth certificates must contain the names of the parents, date of birth, place of birth, name of newborn, sex/gender of newborn, and the official city, county or state seal. The official registration must be requested within one year of the birth, but certificates can be issued at any time after that date, such as in response to a request for a replacement birth certificate.
Between the birth and death of an individual, numerous life events occur that must be registered. The final life event, death, is marked by the registration of a death certificate.
Although data included on death certificates issued by states may also vary, we can look to the U.S. Standard Certificate of Death issued by the CDC for minimum requirements. Some of the information is unique to the death event, such as time and place of death, manner and immediate cause of death, certifier, method and place of disposition of body, and signature of funeral service licensee or person acting as such. However, other data could be garnered from the birth certificate and subsequent documents, including the decedent’s name, social security number, birthplace, marital status, race, father’s name and mother’s name prior to first marriage.
Rather than harvesting the necessary information to complete the death certificate within a vital records registration system, it would be much more practical to append the data unique to the death to a blockchain that already contains a record of other life events beginning with birth.
Self-sovereign (digital) identity
In 2017, the state of Illinois announced a pilot project to create secure ‘self-sovereign’ (digital) identity for its citizens using a blockchain-like distributed ledger. A distributed ledger is a record of cryptographically signed transactions grouped into blocks. Each block is cryptographically linked to the previous one after validation and a consensus decision. As new blocks are added, older blocks become more difficult to modify. New blocks are replicated across all copies of the ledger within the network, and any conflicts are resolved automatically using established rules. Identity is defined in the Illinois Blockchain and Distributed Ledger Task Force Final Report to the General Assembly as:
“a collection of attributes about an individual. Identity attributes can relate to an individual’s preferences, personality or more sensitive information such as biometrics, healthcare records or criminal history” (Illinois, 2018, p. 19).
This task force report categorizes attributes as intrinsic, assigned, and accumulated—all of which may change rarely, occasionally, or frequently:
- Birth and death dates are intrinsic to our individual experience, as are our fingerprints, biometrics, and birth parents and siblings. Some of these intrinsic attributes can change over time, including sex, hair color, and, yes, even DNA. Others may change continuously, including height, weight, and age.
- Attributes are assigned to us as well, including our social security number, driver’s license number, credit card number, nationality, and user names/passwords.
- Accumulated attributes are gathered or developed over time—consider your academic credentials, health records, employer, occupation, credit rating, and social media interactions. (Ibid.)
Think about the various documents we use in our lives (e.g., passports, driver’s licenses, library cards), the systems they reside in, and the identity attributes they contain.
Identity Management Use Cases
A whitepaper entitled “The frictionless future for identity management” published by Australia Post presented a chart outlining the many ways each of us uses our identity throughout the year (see Figure 1).
Figure 1: Proof of Identity Use Cases. Source: Australia Post, permission for non-commercial use, “Frictionless future for Identity Management,” [whitepaper], accessed April 14, 2019, at https://auspostenterprise.com.au/content/dam/corp/ent-gov/documents/digital-identity-white-paper.pdf
A self-sovereign ID can be used to verify identity without requiring an individual to produce numerous documents and paperwork each time their identity needs to be verified. This could be done with a single (encryption) key that can be matched against an immutable ledger. The digital ID can also collect other online information about a user’s identity, like social security information, medical records and social media credentials, and store that securely on the blockchain. This can give users more control of their private data so they can transact more securely online but, more importantly, it takes away the power of companies to monetize this data and gives control back to the users.
Numerous pilot projects are underway to test the practicality of using blockchain distributed ledgers for identity management. If you’ve been involved in the last few elections, you’ll know that problems arise due to human error, interference from foreign nationals, and lack of trust in the system. Blockchain identity management can be applied to electronic voting to ensure only those eligible to vote can do so. The peer-to-peer distributed ledger disintermediates the process—trust is transferred from the individuals traditionally managing the voting process to the blockchain technology used.
One segment of the voting population that could benefit from blockchain-based voting is military members stationed overseas. Some states are conducting pilot projects to determine if this type of technology can be used to facilitate their participation in the electoral process. Two recent examples are described in Table 1.
In the 2018 mid-term elections, 144 military personnel stationed overseas from 24 counties were able to cast their ballots on a mobile, blockchain-based platform called Voatz.
The pilot involved about 150 service members stationed overseas who cast their ballots using this system. It was considered a success but there are no plans at this time to expand the population eligible to vote using this technology.
In 2019, Colorado became the second state to allow blockchain-powered mobile voting in Denver’s municipal elections. Absentee voting began March 23 and will run until Election Day May 7.
This time the target voting population is both service members and overseas citizen voters from the city and county of Denver, totaling around 4,000 people. Because voting will end May 7, results are not yet available.
Table 1: Two Blockchain-based e-voting pilots.
As illustrated with the blockchain-based voting pilot, the major benefit to users (military and citizens living abroad) is convenience. Countries such as India, Switzerland, South Korea, Japan, and Thailand have trials or are planning trials for various types of e-voting initiatives using blockchain.
Strengths and Weaknesses of Blockchain Distributed Ledger Technology
One of the advantages of using blockchain distributed ledger technology for identity management is that, in theory, once the data is added to a blockchain, it is cryptographically sealed and no one can view it unless they have permission (and the key) to do so. Allowing online access to sensitive records only to the people owning the ID and any third parties granted permission would put control of the data in the hands of the citizens.
However, there are weaknesses inherent in the solution itself. Following are two examples related specifically to identity management:
- Regulations. The European Union’s General Data Protection Regulation (GDPR) and California’s Data Privacy Protection Act both require erasure of personal information (with exceptions) upon request. An encrypted, time-stamped record cannot be deleted. At this time the best option is to keep all personal information “off-chain.”
- Privacy. When it comes to privacy, it is important to realize that identity on a blockchain is not anonymous. It is pseudonymous—meaning that data points not directly linked to an individual can be linked together. Applications have been developed to perform analyses associating transactions and Internet protocol addresses on public blockchains.
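The block linking described under “Self-sovereign (digital) identity” and the “off-chain” option from the Regulations point can be seen together in the following sketch, which is an added example and not code from the Illinois pilot or any project named in this post. It is a single-process Python model: signatures, replication and consensus are left out, and the class, field names and sample records are assumptions.

```python
import hashlib, hmac, json, os
GENESIS = "0" * 64  # "previous hash" of the first block

def commit(record, salt):  # salted digest; only this value goes on the ledger
    data = json.dumps(record, sort_keys=True).encode()
    return hmac.new(salt, data, hashlib.sha256).hexdigest()

def block_hash(block):  # covers "prev", so an edit breaks every later link
    body = {k: block[k] for k in ("index", "event", "commitment", "prev")}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

class LifeEventLedger:  # hypothetical name, single-process model
    def __init__(self):
        self.chain = []      # on-chain: event type and commitment only
        self.off_chain = {}  # off-chain: index -> (record, salt), erasable

    def append(self, event, record):
        salt = os.urandom(16)
        prev = self.chain[-1]["hash"] if self.chain else GENESIS
        block = {"index": len(self.chain), "event": event,
                 "commitment": commit(record, salt), "prev": prev}
        block["hash"] = block_hash(block)
        self.chain.append(block)
        self.off_chain[block["index"]] = (record, salt)
        return block["index"]

    def chain_valid(self):
        prev = GENESIS
        for b in self.chain:
            if b["prev"] != prev or b["hash"] != block_hash(b):
                return False
            prev = b["hash"]
        return True

    def verify_record(self, index):
        if index not in self.off_chain:
            return False  # erased, nothing left to check against the ledger
        record, salt = self.off_chain[index]
        return hmac.compare_digest(commit(record, salt), self.chain[index]["commitment"])

    def erase(self, index):
        # Erasure request: drop record and salt off-chain; the block itself stays.
        self.off_chain.pop(index, None)

def demo():  # constructed sample records, not real data
    ledger = LifeEventLedger()
    birth = ledger.append("birth", {"name": "Jane Example", "born": "2019-05-02"})
    ledger.append("death", {"place": "Springfield", "time": "2099-01-01T10:00"})
    ledger.erase(birth)
    return ledger.chain_valid(), ledger.verify_record(birth)
```

After `erase`, the chain still validates, but the birth commitment can no longer be matched to any record, and with the salt deleted the digest cannot be tested against guessed values.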
Conclusion & a Challenge
Blockchain distributed ledger technology is an emerging technology that brings with it opportunities and risks. One of the opportunities is the ability to allow each of us to manage our own identities. One of the risks is that it is a new and developing technology.
I challenge those of you reading this to consider the possibilities of blockchain technology for identity management and post a response. Would you feel comfortable having your identity recorded via blockchain technology from birth? Can you cite specific instances where having your identity stored on a blockchain would benefit you? How? Are you concerned about risks that might arise from storing your identity on a blockchain? What are they?
State of Illinois. (2018, January 18). Illinois Blockchain and Distributed Ledger Task Force Final Report to the General Assembly, House Joint Resolution 25.