The World Wide Web Consortium (W3C), an international organization that creates standards for the World Wide Web, announced that Decentralized Identifiers (DIDs) v1.0 is now an official web standard.
This new type of verifiable identifier, which does not require a centralized registry, will allow both individuals and organizations to better control their online information and relationships, while providing greater security and privacy.
A distributed identifier (DID) is a simple text string consisting of 3 parts:
1) The DID URI scheme identifier
2) The identifier for the DID procedure and
3) The DID method specific identifier pic.twitter.com/sfXyPiQiZE
— BitKE (@BitcoinKE) October 7, 2022
There is a historical analog to this announcement in the development of mobile phone numbers. Originally, these belonged to the mobile operator and were “rented” to individuals. This required individuals to change numbers when changing carriers. With the introduction of mobile phone number portability, individuals could now “take their numbers with them” when switching operators.
The same is true of most email addresses and social networking addresses today – they are not “owned” by individuals and must be changed if the person switches providers. In contrast, W3C Decentralized Identifiers can be controlled by the people or organizations that create them, are transferrable between service providers, and can persist for as long as their controller chooses to continue using them.
In addition, DIDs have the unique property of allowing the controller to verify ownership of the DID using cryptography. This can enable any controller of a DID – an individual, an organization, an online community, a government, an IoT device – to conduct more trusted transactions online. Specifically, individuals can use DIDs to take back control of their personal data and consent, and also enable more respectful two-way trust relationships that prevent forgery, respect privacy, and improve user experiences.
Basically, decentralized identifiers are a new breed of globally unique identifiers that can be used to identify any subject (e.g., a person, an organization, a device, a product, a place, even an abstract entity or concept). Each DID is resolved into a DID document that contains the cryptographic material and other metadata to control the DID. The key pillars of the DID specification are:
- DIDs do not require a central issuing office (decentralized)
- DIDs do not require continued operation of an underlying organization (persistent)
- Control over DIDs and associated information can be cryptographically proven (verifiable)
- DID metadata can be discovered (resolvable)
Markets adopting DIDs
W3C Decentralized Identifiers coupled with W3C Verifiable Credentials are used in a number of markets where identification and data authenticity are an issue:
- governments – The US, Canada and the EU are exploring the use of DIDs to provide their businesses and residents with privacy-compliant digital identity documentation, allowing those businesses to choose how and when their data is shared
- retailers – Convenience stores, grocery stores, restaurants, bars and consumer goods companies across the US are using DIDs for new digital age verification programs to increase privacy, increase checkout speed and combat the use of fraudulent ID documents when purchasing age-restricted products
- Supply chain stakeholders — Global government regulators, trade standards bodies, providers, shippers and retailers are using DIDs to explore next-generation systems that will more accurately verify the origin and destination of products and services, which will streamline reporting and enable more accurate application Tariffs to prevent dumping and monitoring of transhipment
- workforce – Universities, vocational training programs and educational standards organizations are adopting DIDs to issue digital proofs of learning that are controlled and shared by the graduate when applying for college or a job
Work continues at the W3C
Comprised of over 450 organizations, the W3C has invested in W3C Decentralized Identifiers and W3C Verifiable Credentials to ensure a more decentralized, privacy-friendly, and consent-based data exchange ecosystem.
Official standards work on these technologies continues through the newly formed W3C Verifiable Credentials 2.0 working group, which will focus on expanding functionality based on market feedback. Further incubations on future privacy-enhancing technologies will come through the W3C Credentials Community Group, which is open to the general public for participation.
About the World Wide Web Consortium
The mission of the World Wide Web Consortium (W3C) is to push the Web to its full potential by creating technical standards and guidelines to ensure the Web remains open, accessible, and interoperable for everyone around the world.
The well-known W3C standards in HTML and CSS are the basic technologies on which websites are built. The W3C works to ensure that all fundamental web technologies meet the needs of civil society in areas such as accessibility, internationalization, security and privacy. The W3C also provides the standards that underpin the infrastructure for modern businesses that use the Web in areas such as entertainment, communications, digital publishing, and financial services. This work is created openly, made available free of charge, and covered by the W3C’s pioneering patent policy.
The W3C’s vision for One Web brings together thousands of dedicated technologists representing more than 400 member organizations and dozens of industries. W3C is co-hosted by MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the United States, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France, Keio University in Japan, and Beihang University in China.
For more information, see https://www.w3.org/.