As the emerging technologies of virtual reality (VR), and augmented reality (AR) continue to evolve, the principal foundation of interactions has remained in one place: the digital identity.
That is changing, with new decentralized solutions that help users of interactive and social platforms to “take back” their data and the intrinsic power that comes with it.
Lars Seier Christensen, Chairman of Concordium, a next-gen blockchain-based identity ecosystem identified these issues and more.
Here’s what he had to say.
Lars Seier Christensen, Chairman of Concordium
What is the significance of decentralized identity in the age of AR?
Advancements in augmented reality (AR) will overall have a positive impact on society in my opinion. Users will be able to engage with new forms of entertainment and socialization, expanding the human experience to unchartered territories. That being said, in connecting strangers from across the globe, this technology has the potential to be used in fraud, where impersonators can hide their identity to scam users.
Not all identity verification tools are alike, however. Traditional verification solutions require users to hand over sensitive data to big tech companies. In contrast, decentralized identity solutions, which are built on the blockchain, leverage zero-knowledge proofs, verifying identity without compromising user data.
According to a survey conducted by Ipsos, 70% of Americans agree that controlling who accesses their online personal information has become more difficult. The results are understandable since big tech companies can use the data to target advertisements, track our digital footprint, and even make money by selling the data to data brokers, without telling us, at least openly.
The significance of decentralized identity management lies in the increased security and privacy aspect and the user’s self-sovereignty. Users control their data and can decide how much and what data to share with the receiving platform. In addition, a decentralized identity solution can tackle the ongoing issue of fraudulent users and identity theft. Thanks to blockchain technology, it makes stored information tamper-proof, meaning that no one else can change the information without the owner’s permission. Because identities are verified through a decentralized network, it makes it more difficult to impersonate someone online.
What is the future of digital identity without decentralized data stores?
One of the main issues of concern with traditional centralized data storage, which is characterized by single points of failure, is the issue of security breaches. Decentralization makes digital identity management more secure, offering additional points of verification in case one point fails, so that information can be better protected.
The future of digital identity without decentralized data storage looks much like the status quo today. Global cyber attacks are on the rise, with an average of 1,248 attacks per week in Q1 2023, with targeted sectors being those where personal information is stored, like healthcare. Using decentralized data storage is an effective way to mitigate those risks.
How will AR and VR innovations change the technological landscape?
AR and VR innovations will provide new ways of interacting with other people and opportunities for entertainment. Moreover, education and business sectors can harness the technology to their advantage. We already see big tech, such as Meta and Apple, developing these devices and it’ll be interesting to see where the hardware and software technology will develop. However, whenever the technology improves to the point of wide adoption, the risk of impersonation scams and fraudulent users grows. The risk needs to be addressed so that users can be certain of who they are interacting with, either in their free time or while doing business. One solution to this is adopting decentralized identity management, which ensures the authenticity of users.
What roles do tech giants play in controlling data and online identities?
In the status quo, users exchange personal information for access to content online. This means that the profile, which represents the user, isn’t owned by the user themselves, it’s controlled by big tech companies. With a history of abusing user data, there is a concern that as big tech companies enter the AR/VR industry, the same issues will arise. Because tech giants are storing all of that data, they also have almost full control over how to use it, for good and bad.
Let’s consider online identities in the Metaverse and VR. Even though users are able to modify their avatars to represent their online identities, users will never have full ownership of their avatars on centralized platforms. This leaves all of the data and information that is built up in the personalization of that avatar exposed for big tech to sell highly personalized, target advertising to the user – both online and in the metaverse.
How does the Apple Vision Pro symbolize the dawn of AR’s revolution?
The entry of Apple and other big names such as ByteDance in the AR space demonstrates the potential for this industry. Meta is planning to launch its AR glasses in 2027. There is definitely a market for this product, especially in the entertainment sector and the technology brings new ways to interact with people. However, when big names step into the market, issues such as user safety and privacy remain unsolved. The technology can be harnessed to use biometric data, location information, and other kinds of personal data. How it is used by big tech companies remains unclear. This is the reason why as the sector evolves, adopting decentralized identity solutions is essential.
Are there any legal or regulatory considerations when implementing decentralized identity solutions?
With any new technology, it is in the interest of industry leaders to work with regulators to establish clear guidelines and regulations that give consumers greater confidence. In my experience from the early days of online trading, the firms that were able to adapt to new regulations gained greater respect from the public, built a wider user base, and ultimately grew stronger in the industry. History repeats, and the same is likely to be the case for players today building decentralized identity solutions.
Are there any existing implementations of decentralized identity at work?
One recent implementation of decentralized identity technology is mysome.id, launched in May this year. It’s a digital certificate built on the Concordium blockchain to protect users from fraudulent profiles in social media channels. In short, it’s an ID verification tool for social media platforms. It allows users to interact with each other securely, knowing that the person or the character on the other side is who they say they are. Similar verification tools are needed in AR and VR, because especially in VR users are interacting with avatars, which are customizable and can look like anything the user wants. To interact safely in VR, it’s important to be able to verify those underlying online identities, especially for any business use cases, purposes, or applications.
What do you guys do at Concordium? What are your services and solutions?
Concordium is a Layer-1, science-backed blockchain protocol. What makes us unique from other Layer-1s in the industry is that we are the only blockchain with identity verification built into the protocol level along with zero-knowledge proof technology to anonymously secure data. This makes Concordium fit for any purpose, from individual users to crypto-native projects to large-scale institutions, our secure and scalable infrastructure enables a number of innovations, including decentralized AR environments, decentralized data storage, and advancements in machine learning technology.
How can decentralized identity solutions help address online and identity fraud issues and data breaches?
Decentralized identity solutions minimize the risk of online and identity fraud since personal information is stored in a distributed ledger, which makes it harder to steal. When it comes to data breaches and hacks, decentralized identity solutions powered by blockchain technology ensure that the data is spread across the network infrastructure to different nodes. Even if one node is hacked, the rest of the network is uncompromised. User information is harder to find since it’s spread to different places and for hackers, it’s like finding a needle in a haystack. The technology makes the records tamper-proof, meaning that the data can not be modified without the owner’s permission.
What are the key differences between centralized and decentralized identity systems?
The two main advantages of decentralized identity systems are data privacy and protection. In this day and age, big tech companies have built their profit models off of mining and sharing user data. Just look at Meta, which was fined this year for breaching EU data laws, and this is the same company that previously leaked the phone numbers and email addresses of 533 million users. So now users aren’t just worried about big tech companies having access to their data, but also data breaches which could make them vulnerable to other malicious actors.
With decentralized identity solutions, users have complete control over their own data and can share only the necessary information needed to verify their identity in a privacy-optimized way through zero-knowledge proofs. This gives users greater peace of mind and assurance that their data won’t be compromised.
In addition to greater privacy, identity solutions built on the blockchain benefit from a more decentralized security system, with no single point of failure. This makes it much more difficult for bad actors to hack into the system and steal data. In my opinion, this technology is revolutionary and will unlock a number of opportunities for business on the internet, overcoming the challenges of maintaining security and privacy online.
What are the challenges in establishing trust and reputation in decentralized identity ecosystems?
There is a certain level of skepticism amongst the general public concerning blockchain, mostly due to a lack of knowledge and education on the subject. It is important to remember, however, that people didn’t trust the internet at first and found it difficult to use. Now, it is nearly impossible to go a day without interacting with the internet in some way. That’s why industry leaders need to raise awareness about the privacy and security benefits of this technology.
How can decentralized identity solutions support personalized user experiences in AR/VR-oriented societies?
Within AR and VR settings, technology is so advanced that bad actors can easily pretend to be someone they are not. This opens the user up to a myriad of different issues, including the possibility of sharing personal or confidential information with an actor they believe to be someone else. As such, ID verification is needed to ensure safety for users in both social and business settings, through the possibility of verifying the actors in question.
What is the future of big tech’s control over new innovations? What are the potential benefits? Risks?
Don’t get me wrong, social media has done a lot of good for society, keeping us connected with friends and loved ones far away, allowing us to stay informed about world news, and enabling new business models. There really are so many benefits to these platforms.
My concern, however, is that the data mining business model is putting users at risk. Have you ever had a conversation with a friend, say you’re talking about hosting a barbeque, and then all of a sudden you get ads on your phone and computer for a grill? It’s scary stuff.
The idea behind a decentralized identity solution like Concordium is to take back control of user data while still protecting individuals from fraud or identity theft. We can still enjoy all those benefits of social media without the added risk of data mining.
How might tech giants gain more control over data and online identities?
Think of the last time you created an account on a website. You were likely asked if you would like to log in through Google, Facebook, or a similarly large platform rather than creating a brand new account. We are constantly expanding our digital footprint within our digital society, linking sources of information together and allowing them to be accessed by more and more parties. The amount of data tech giants already control is worrying, and it is something we rarely consider whenever we click to “accept the terms and conditions” on a website. Tech giants are constantly pushing the boundaries of the information they can access, store, and control. A decentralized identity system is the solution to this, as it provides solely necessary and basic information with the full consent and knowledge of the user prior to doing so.
What is a “digital identity dystopia”?
In a world where centralized actors (Big Tech, governments, private companies) have control over user data and can manipulate this power for their own agenda, we will have reached a “digital identity dystopia”.
At the moment, I don’t think we’re far off. Think about your own online footprint. We share so much information online daily which we do not have full ownership of – a complete change in the control of our personal information that came about in just the last 15 years or so.
The decentralization of data storage on a blockchain allows us to reverse this trend and gain back some ownership of our data. With decentralized identity solutions, we want to prevent a digital identity dystopia of personal data being used for purposes other than those intended, such as the selling of our data.
How do decentralized identity solutions help secure user data?
Rather than storing user information on a singular server platform that is easily accessible and more prone to breaches, a decentralized solution utilizes multiple computers or nodes across a P2P network, rendering it significantly more difficult to hack into. Through building decentralized identity management systems on a blockchain, user data is securely stored. With centralized data there is one server to break into, with decentralized data there are many.
What roles do user consent and permissions play in the deployment of decentralized identity systems?
Zero-knowledge proofs within decentralized identity systems stored on a blockchain allow users to exercise complete control over their data. Users do not need to consent to a long list of terms and conditions, handing over information to a third party or a big tech company to be stored and/or sold. Zero-knowledge proofs work through one party proving to another party that a statement is true without revealing unnecessary or extra information. The user has total control over the information they wish to share, and no excess information is given without their full knowledge and approval. This puts the consent into the hands of the individual and gives them the peace of mind that their data is protected.
How do decentralized identity solutions help create personalized user experiences in AR/VR ecosystems?
In AR and VR ecosystems, decentralized identity solutions help by allowing users to share only the information that want and also protecting them against bots, hackers, and others with malicious intent. This is achieved through the fact that no information can be deleted from a blockchain, meaning that once a user fails to verify the necessary information or once an account is flagged as acting maliciously, it is impossible to remove this information and it can be made known. This allows users to remain safe and protected with an AR or VR ecosystem.
Additionally, users feel secure in knowing that they are not at risk as precautionary measures are built into the system. They are not at risk of their personal data being shared as a result of the zero-knowledge proofs of decentralized systems, and they are in complete ownership of their avatars, as opposed to within centralized systems wherein big tech companies own the rights to your online identity.
How do centralized identity management solutions impact our everyday lives?
Centralized management solutions remove the ability for the user to decide how they want their data to be used and/or shared. This centralized manner of storing data is the reason that the phone you searched for on Google appears in an advertisement on your Facebook homepage or the reason that you get a pop-up about cheap flights to France in the middle of a news article minutes after watching a YouTube video on the best sites to visit in Paris. User information is sold to advertisers without the individual being fully aware that it is happening.
Centralized identity management solutions are also the reason behind data breaches, including the Apple data breaches in 2022. These breaches affected the lives of all Apple users when they were alerted that the saved login details to all of their accounts may have been acquired by hackers. Not only is this stress-inducing, but it could also be costly and dangerous, depending on the information acquired by the perpetrators.
Decentralization allows the user to be in control of their own personal data and information. This gives peace of mind and creates security for users. Modern life is stressful enough without worrying about how unnamed individuals could be stealing, selling, or accessing your data.
Related: What Is Extended Reality (XR)?