Is Blockchain a Solution for Securing Centralized ID Databases? |
Universal IDs have gained the attention of many governments The sentiment is that universal IDs could help counter terrorism increase national security deter ID fraud and make the lives of citizens easier The problem with universal IDs such as the REAL ID in the United States and the Aadhaar card in India is that they can lead to the creation of national databases and such databases are not always secure In the first half of 2018 alone there were 668 data breaches across US industries including banking business education government military and health care that exposed over 22 million records Many of these kinds of breaches stem from databases having weak or default security configurations which can leave them open and vulnerable to attack from cybercriminals As cybercriminals find new ways to breach databases it becomes difficult for national ID databases to remain secure long term Since they store a variety of data from millions or billions of individuals within a population they are a honeypot that cybercriminals are eager to attack Preventing criminals from accessing identity data and using it for identity fraud account takeovers and synthetic-identity fraud is a serious issue that my company and many others are committed to In 2017 identity fraud reached a record high with approximately 167 million US consumers affected There is a clear need for technology to be developed that thwarts cybercriminals and makes identity information more secure With blockchain technology I believe an opportunity exists to address this growing societal problem and better guard identity data Problems With National Identity Databases In the United States the REAL ID has seen pushback from state governments and others since its inception in 2005 Consumer privacy advocates claim that the REAL ID will put personal information at risk According to the International Association of Privacy Professionals states that issue REAL IDs are required to grant other states and the federal government access to their states ID card data Some opponents have argued that in effect this builds a nationwide database even though the US Department of Homeland Security denies that it creates a federal database YOU MAY ALSO LIKE Some privacy advocates think its unwise to contain a complete profile of a person within such a database as it could put peoples information at risk of identity theft I believe it changes the question from Will a data breach occur to When will a data breach occur As with the REAL ID some privacy advocates believe that its unwise to maintain a centralized database of personal information for Indian citizens They think it can cause cybercriminals to focus on attacking the database This has proven to be the case with the Aadhaar card since it was introduced in 2009 In March 2018 a state-owned utility company in India had a data leak Aadhaar cardholders private information including their names unique identification numbers and bank information was compromised during this attack This showed the world that many governments are not currently equipped to handle large amounts of identity data and keep it safe A Possible Solution For Securing Centralized Identity Databases Clearly the way that some centralized identity databases are currently secured doesnt work I believe that technology industry professionals should think outside the box to create a security solution for centralized databases Some think blockchain is the answer They believe that a distributed ledger could be used to decentralize identity information Using the blockchain identity information could be stored securely using cryptography This is similar to how cryptocurrencies are cryptographically stored in wallets on the blockchain A wide variety of identity documents could be stored on the blockchain in a single place an identity wallet of sorts and each wallet could have its own form of encryption The main advantage of doing this is that the identity information would become decentralized on a distributed ledger This would make it a lot harder for cybercriminals to perform large-scale identity data breaches because they would have to hack into each wallet individually Another advantage of this technology is that it could give individuals more control over their data They could have the freedom to update their data in a single place to give companies access to their data and to decide what data to share with particular individuals The Challenges Of Blockchain Identity Technology There are companies currently committed to creating this blockchain identity technology At this time though the technology is still being developed As companies determine how to create the technology they also may have to prove its usefulness in the real world From there companies could lobby governments around the world for its implementation This could create a new standard for identity security thats not present today One of the big challenges with blockchain identity technology has to do with who will create it Since its an open-source technology many companies may not be compelled to enter the space because monetization of identity blocks is difficult Plus its difficult to determine who will maintain the software that accesses the technology As a society we may have to determine how to make blockchain identity technology useful and profitable under our current economic structure Another challenge worth noting with blockchain identity technology has to do with ownership rights Once a person uploads their information to the blockchain do they maintain rights to that data I think this question and others will need to be addressed in order for blockchain identity technology to succeed I believe that blockchain could be a remarkable solution to the current global identity crisis While the technology is not foolproof it could offer a better way to address a challenging global problem Blockchain identity wallets could help everyone from governments to private sector companies secure their data Hopefully this technology will help make data breaches a tale of the past