Your next ID will be an NFT
Ok, maybe not your next ID, but it will happen, and sooner than you think. In fact, it will be much bigger than just your ID. All your identity data will be tokenized and accessed through a single NFT.
Yes, you read that right, an NFT. The same technology that is currently being used by gaming companies and which most recently exploded into the mainstream with projects like Crypto Punks, Bored Ape Yacht Club, and Loot selling on opensea.com for millions of dollars to everyone from celebrities like basketball star Steph Curry, to brands like Visa, to the broader crypto audience.
Think about it. As the focus on privacy and data protection increases, the subject of identity is becoming one of paramount importance to both businesses and everyday people. From government to financial services to technology to health care, today’s biggest brands and governments are making bold claims about privacy regulations, privacy roadmaps, and the work they are doing to secure your personal details.
And truth be told most brands appear to be doing a pretty good job with the tools they have. However, the fragmented nature of personal identifying data means that no one entity can currently solve all of the existing challenges in the space. The challenges include but are not limited to the following points:
Solving these challenges requires improvements in both technology and governance with a focus on Security, Control, Transparency, Trust, and Value. But even with all the focus being put into this today, the fact is that identity data remains fragmented and hence some challenges will likely persist.
Tokenized identity in the form of an NFT with on-chain data could offer some interesting advantages. A simplistic way of thinking about this would be to imagine a digital version of your driver’s license or passport that is registered on a blockchain. That said, this process on its own would not solve the challenges of digital identity data.
For that, we need to consider all the different types of data that make up our digital identity, as well as the governance structures required to manage access in a safe, compliant, and trusted manner. This means taking a structured approach that compartmentalizes all the different data facets that a business or other institution might need about a person, and then creating a governance layer to manage the access and distribution of this data so that only the people who need it, and have authorization can access it. But more than this, it also means that they don’t get more data than is absolutely required. This objective should be to share the minimum amount of data required to achieve the desired outcome.
It would be as if your identity data was split up into thousands of individual safety deposit boxes, each one with different information inside. When there is a need to access any of the data to verify your identity, check your credit, or for any other reason, the business/people requesting access will only get the key to the few safety deposit boxes they really need and nothing more.
This would be equivalent to having one digital token / NFT containing a complete picture of your identity, and all digitally tracked identifiers. This means it could:
领英推荐
Keeping all this data in one location will present new security challenges but having a centralized solution could help to ensure that all information is up-to-date, complete, and accurate. That said, it would also be far more information than any single party should have access to, and as such, governance would be critical. This governance will be managed by smart-contracts that manage permissions and record each interaction with your identity data on-chain such that an auditable record would always be available.
In this way, permissions and access could be managed in different ways for different types of requests and requirements.
To understand the reason for this last access type let’s consider a Use Case where a person is unconscious and gets brought to a Hospital Emergency Room. To avoid the risk of the hospital treating the person with a medication they are allergic to, the persons' medical records would need to be accessible without explicit permission from the person. ?
This may sound like it offers the potential for abuse, but even in circumstances such as these, accessing the medical history data included within the token would be governed by a smart contract that would create a fully auditable record of what data is accessed. In this way, the smart contract could be set to guarantee that access to the data could only be done from a hospital (or other pre-defined location sets), it could even capture the identity of the nurse or doctor who accesses data within the audit trail. In this way, abusive access could be quickly identified and flagged to people on a case-by-case basis for review.
Another benefit smart-contracts offer would be in how they could manage the valid lifespan of data. In this way, they could ensure that only the most current and relevant data is used while still keeping a record of historical data. One example of why this is important is when banks do a credit check to authorize a loan or other transaction. At these points in time, it is important that the decisions the banks make are based on the most relevant, recent, forward-looking, and complete information – i.e. the most relevant data points possible.
Hopefully, this is starting to paint the picture of how tokenized identity could offer benefits when it comes to control, trust and value through the implementation of smart contracts, and transparency and protection through accessible audit trails.
There are of course huge challenges to overcome before a system like this becomes real. For one, a consolidated set like this would be a huge target for hacking. But further to this, issues around the speed and transaction volumes on-chain will need to get much better, not to mention the question of how this could be implemented: does it need to be international, would this be done by government, would it need to be a public-private partnership?
And this is only scratching the surface of the challenges involved. These are many big questions, with complex answers that must be answered before anything like this becomes real. But there are many different organizations, both public and private, thinking about the challenges and how to solve them, so I expect that as technological progress continues to scale exponentially, we will see progress in terms of how we manage and protect identity data come faster than anyone expects.
So, while I can’t say when, I won't be surprised if in the not-too-distant future your ID becomes an NFT and your crypto wallet becomes your tool for governing access.
I just applied for a new UK passport. Was pretty slick 7 day process mostly online. However, paper passports increasingly feel like an archaic way to prove who you are to cross borders. If I was offered the option to have the ID as an NFT dropped into my Metamask wallet via the Ethereum blockchain - I'd have said 'yes please'. Straight up digitisation. If I could then pass through the airport onto a plane with my passport, boarding pass, vaccine certificate all in my Metamask. I'd say - triple yes please. The public private partnership we need is with Apple. They have (for now) maintained a reputation for respecting user privacy which is fast rising up their long list of USP's.
Insightful! But I would find it hard not to worry about the security risk of centralisation
Content Strategist | Marketing Consultant | Helping Crypto Brands Stand Out with Content & Strategy
3 年NFTs are the future of ownership. With NFTs converting a physical asset into a digitized version takes away any need for middlemen in the execution of transactions. This advantage also spreads towards the improvement of business processes as a whole. I strongly believe the current use of NFT is not the last stop for this innovation. There are possibilities for the creation of a new market and its use as an investment engine on its own.