What is Identity Management?
Every enterprise that interacts with customers’ needs a system to authenticate and authorize them to protect their confidential data from unauthorized access. An identity Management system helps enterprises to manage individual identity, their authentication, authorization, roles & privileges that are specific to the enterprise requirements. Identity Management system ensures that only authorized individuals access the enterprise systems according to given permissions and restrict any unauthorized access to enterprise confidential data. There are multiple Identity Management products available in the market, few of them are listed below for reference:
- Azure Active Directory
- IBM Security Identity & Access Assurance
- Oracle Identity Cloud Services
- Microsoft Active Directory
- RSA Secure ID Access
Each identity management system comes with its own benefits & limitations. Enterprises choose the right identity management system based on their requirements and policies. This document doesn’t cover the difference between identity management systems available in the market. The context of this document is to cover the transformation of the existing identity management system.
Reason for change in identity management system
Though existing identity management systems are secure and successfully managing individual identity but there are still few below-listed gaps in the existing identity management systems. Enterprises spend
Enterprises spend a huge amount to maintain and secure customer identity. Customers are providing their financial details, personal details which might be shared with external parties without customer consent & control. These points trigger a need for the change in the existing identity management system towards more secure & controlled systems, which would help enterprises to save cost & provide their customers controlling powers to manage their personal and financial details.
Blockchain adoption trend
Blockchain is expected to surge in the coming years due to its value-add for businesses. A Gartner forecast posits that the value of Blockchain for businesses will exceed $3.1 trillion by 2030.
Businesses are responding to this potential value in kind by investing in new solutions. The graph below depicts the global spending on Blockchain solutions in recent years and projected through 2022.
How Blockchain can help in better Identity Management
What is Blockchain?
Blockchain is distributed & decentralized ledger technology which helps to securely store & distribute the data among all the network participants without any central control. Blockchain consensus protocol / algorithm replaces the central authority to validate the transaction authenticity. Blockchain builds the chain of blocks in the ledger where each block is linked to its previous block.
How Blockchain Works?
Blockchain is designed to bring all the ecosystem participants on the common agreement before adding any new transaction on the Blockchain ledger. Whenever any party initiates a transaction, Blockchain uses a consensus protocol to circulate the same transaction across all the participants to get their consent on the transaction before persisting that in the Blockchain ledger. Once all the participants agree on the transaction then Blockchain replicates the same transaction to all the participants’ ledgers to build trust and transparency in the network. Having the same replica of transaction ledger for all the ecosystem participants helps to avoid Data reconciliation problem for smooth settlement among all the participants.
How Blockchain can manage identity?
Blockchain platform helps to bring multiple parties including identity provider, customer & identity verifier on the same platform. The idea behind bringing all the parties on the same platform is to reduce the verification time, effort & financial burden of the enterprises which helps them to bring customers on board quickly.
Most of the enterprises while doing customer onboarding request for their identity before granting them access to use their resources. Upon receiving customer identity, enterprises depend on the external vendor for Identity verification which is itself a time consuming and costly process. Enterprises are spending huge amounts of money on this identity verification process.
Blockchain-based identity management process helps to save time, effort & cost for enterprises and help them to seamlessly onboard customer without involving the external vendor. Blockchain-based identity management system aims to bring enterprise and customer on the Blockchain platform so that external vendors which are an additional burden on the enterprises can be removed from the process.
Given below is the high-level process to manage and validate identity on the Blockchain platform.
Blockchain based use case for Identity Management
To understand the transformation between legacy identity management process with Blockchain based identity management process, let’s take a use case for Customer Onboarding.
The customer Onboarding process involves following parties, where each party is playing a different role to successfully bring onboard customers into an enterprise system.
- External KYC Vendor
- Government (Govt.) Identity Provider
- School / Colleges
- Private Sector
Legacy Customer On-boarding process
Following is the legacy process to on-board customer in the enterprise
- Customer raise request for on-boarding in enterprise
- Enterprise raises background verification request to External KYC vendor for:-
- Education with School / Colleges
- Identity with Government Identity Provider
- Employment with Private sector
- Upon successful verification, External KYC vendor share the status with enterprise
- Based on verification status enterprise on-board customer in their systems
Limitation of this process:-
- Expensive: Duplicate KYC cost for the same customer which was verified by one reputed organization.
- Time Consuming: Lack of direct communication between enterprises and various departments/units, the verification process takes longer time to on-board customers.
- Lack of Transparency: Due to lack of direct communication between enterprises and various departments/units, there is a lack of transparency in the information.
- Lack of Trust: if the same customer’s KYC was completed from one enterprise then also another enterprise performs the KYC again.
- Lack of Control: Customers don’t have control on
- How his information was shared with other departments/units.
- Don’t have control to revoke the permission to access their identities details if required.
Blockchain & Identity Wallet based Customer On-boarding process
Following is the Blockchain based customer on-boarding process for the enterprise
- Join the network: Enterprise, School / Colleges, Government Identity Provider and private sector join the Blockchain network
- Issue education certificate: School / Colleges issues educations certificates which get stored in Blockchain-based user’s wallet
- Issue identity certificate: Government identity provider issues identity certificates which get stored in Blockchain-based user’s wallet
- Issue Employment Certificate: Private sector issues employment certificates which get stored in Blockchain-based user’s wallet
- On-boarding Request: Customer raise request for on-boarding in enterprise
- Request for Documents: Enterprise raise a request to share the required education or employment or identity certificates
- Documents Sharing: Customer shares the required documents with the specific enterprise for the given duration
- Certificate verification: Enterprises perform the certificates verification from Blockchain network and on-board customer in their systems
Benefits of this process:-
- Less Expensive: Bringing certificate issuer and verifier on the same platform helps to remove the external party from the process which helps to save the huge cost for verification
- On-boarding Acceleration: By segregating external KYC vendors from the on-boarding process and bringing Identity issuer and verifier on the same platform helps to on-board customers quicker on the system.
- Trust & Transparency: Distributed & decentralized data ledger helps to bring trust & transparency in the system
- Customer-centric control: Blockchain-based Identity management system is customer-centric and aims to provide control to the customer and let him to
- With whom he wants to share information?
- What would be the duration for which he wants to share information?
- Ability to revoke permission to use his information
Blockchain Based Identity Management System benefits
The following are the key features that would help the organization to decide for transforming an existing identity based system to Blockchain-based identity management system. Key Features are: -
- Zero Knowledge Proof
- Faster & Efficient
- Reduce Cost
- Unique Identifier
- Eliminate Identity Theft
- Trust & Transparency
How Blockchain based Identity Management helps organizations & customers
Blockchain-based identity management systems help organizations and customers from various perspectives. Following are the few benefits which Blockchain will provide to associated organizations and users:
- Fraud Protection
- Trustful Identity Data
- Transparent, fast, cost-efficient process
- Eliminate Third Party verification
- Data Control
- Data Revoke
- Single Identity
- Administrative Cost reduction
Identity Management platforms
For every enterprise maintaining privacy & security for their customer identity and their personal data is very crucial. Enterprises are spending lots of money to keep them secure & confidential. There are multiple platforms available in the market which could help to manage Customer’s identity confidential and secure.
Hyperledger Indy Hyperledger Indy provides tool, libraries and components to manage user’s identities over the Blockchain. This platform targets to bring different administrative domains, departments, sectors, identity providers on the common platform to manage and secure user’s identities. This platform key features are:
- Provides distributed ledger to manage user identities
- Zero Knowledge proof capabilities to prove eligibility without exposing the real data
- It provides control to users to manage permission for their identity sharing
- User have full control with whom they want to share data and till what duration
- User have the capability to revoke permission to use their identity after sharing it with others
Microsoft Digital Identity Management Microsoft is planning to release Digital identity management system that will provide control to users to manage and secure their personal and confidential data. Microsoft is actively collaborating with members of the Decentralized Identity Foundation (DIF), the W3C Credentials Community Group, and the wider identity community. They are working with these groups to identify and develop critical standards. They are developing an open source DID implementation that runs atop existing public chains as a public Layer.
IBM Verify Credentials IBM Verify Credentials, Decentralized identity is how individuals control when, where and with whom they share their credentials. In the physical world, we take this sharing of credentials for granted – yet a secure, smart way to do this has been long missing in the digital world.
That’s about to change. IBM Verify Credentials creating a decentralized approach to identity management – enabled by Blockchain – building on top of open standards in combination with Decentralized Identity Foundation (DIF), World Wide Web Consortium (W3C) and other standards groups.
Coforge’s approach to build Robust Identity Management Solution based on Blockchain
For the successful implementation of Blockchain based Identity Management solution, it is crucial to understand the right approach to implement Blockchain based solution. Based on Coforge’s deep expertise in design, development & implementation for Blockchain based identity Management solutions, Coforge help their clients to determine the right approach & Blockchain platform among various available options. Coforge’s follows below mentioned approach to conclude.
Engage: In this stage we
- Ideate (Whiteboard, brainstorm, demo)
- Consult (Use case identification & Business Case)
Differentiate: In this stage we
- Identify right Blockchain platform for the given requirement
- Identify Blockchain network stakeholders
- Design the Blockchain application according to the existing processes
- Identify the uncertainty in the regulatory framework which might impact the Blockchain application
- Experiment (Accelerators, PoCs, Pilots, MVPs)
Deliver: In this stage we
- Optimize process (Business Process Consulting, MVPs)
- Improve Time to Market (Pre-built frameworks & integrations)
Leverage: In this stage we
- Participate and leverage industry Consortia
- Partnership with Startups (Innovative, disruptive solutions)
- Partnership with Academia (Technology, domain)
Blockchain based Digital Identity management systems helps enterprises and customers in following perspectives
- Data Control
- Identity Traceability
- Trust & Transparency
- Accelerated onboarding
- Eliminate fraud
- Cost Effective
- Single Identity