Babbitt Original | Microsoft, Baidu successively layout, is DID an inevitable choice for the digital process?

Last week, Baidu Smart Cloud released a DID applet digital identity wallet. DID (Decentralized ID) is a distributed digital identity based on blockchain technology. What is digital identity? How is digital identity based on blockchain different? Which companies in the industry are making relevant attempts? Is there a uniform industry standard? What are the expected changes for ordinary users in the future? These issues will be addressed one by one in this article.

Prehistory: 4 stages of digital identity

With the birth of the Internet, digital identity has also undergone a long evolution. According to the classification of the pioneer of Internet cryptography and chief architect of Blocksteam Christopher Allen, digital identity is divided into 4 stages.

The first stage is "centralized identity", which is managed and controlled by authoritative institutions. In the early days of the Internet, organizations such as IANA determined the validity of IP addresses, ICANN determined the validity of arbitrated domain names, and CA helped Internet sites prove the authenticity of their identities. The disadvantage of this is that users are locked into a single management organization, their identities in each site are separated from each other, and they have no autonomous control.

The second stage is the "confederation identity", which is managed and controlled by multiple agencies or alliances. One example is Microsoft's Passport program, which allows users to use the same identity on multiple sites. But the end result of this is that centralized authorization is divided into several powerful giant organizations.

The third phase is "user-centric identity", and the core is that everyone should have the right to control their digital identity. The ASN team, Identity Commons, and the IIW community have all done a lot to this end. The final result is that we can choose multiple authentication methods when logging in to the application, such as mobile phones, WeChat, Weibo accounts, Facebook and other accounts, but the hidden danger of doing so is that these service nodes have the right to close our account and make We lose our identity at multiple sites at the same time.

The fourth stage is "self-sovereign identity", which establishes a unified identity layer for the Internet, allowing people, organizations, and things to have their own sovereign identity and manage their own identity information.

Process: Industry Exploration of Distributed Digital Identity

Globally, the research on distributed digital identities is not long, but there have been many industry standards dominated by technology companies. The organization of key data in distributed digital identities, such as the distributed identifier (DID) and verifiable credentials specifications have been developed by the International Standards Organization W3C; distributed key management standards are structured internationally The information standards promotion organization OASIS facilitates the preparation and submission.

The World Wide Web Consortium (W3C) has begun the formulation of DID specifications. At present, Microsoft, ArcBlock, uPort, lifeID, Civic, Sovrin, etc. have submitted their own DID protocol methods.

In addition, the Decentralized Identity Foundation (DIF), a consortium dedicated to improving the interoperability and standards of identity systems based on blockchains, Microsoft, Accenture, IBM, Hyperledger, Biyuanchain, Elastos Have also joined in.

In February 2018, Microsoft announced that DID was used as the company's blockchain strategy entry point. In October of the same year, a white paper entitled "Decentralized Identity" was released. In May this year, ION (Identity Overlay Network) was released. An early preview of a decentralized identity (DID) network. The industry believes that if Microsoft presets the DID function into Microsoft's hardware products, it is likely to play a widespread role like the Windows 95 operating system.

IBM also has several projects related to distributed digital identities. These include Indy, co-sponsored by IBM and HyperLedger, and Hyperledger Indy's project Sovrin is a pioneer in enterprise-level solutions, which has advantages for enterprises that need to deploy DID based on open source technology immediately. A blockchain identity verification network being built by IBM, SecureKey, and members of the Canadian digital identity ecosystem. Visa also launched a blockchain-based digital identity system with IBM in the first quarter of 2019 to improve cross-border payment security.

ArcBlock, Civic, uPort already have such products. ArcBlock released the ABT wallet in May this year, using the decentralized identity DID standard. uPort is a decentralized identity system based on Ethereum for decentralized applications (Dapp). A beta version was released on the Ethereum test network in May.

The future: the inevitable choice to migrate to the digital world

Fifty years after the birth of the Internet, people are increasingly migrating from the physical world to the digital world. Application-centric account management methods have exposed more and more disadvantages: First, the maintenance cost is high, and the identity authenticator (such as government, finance, and social basic service departments) and the relying party (service provider) need to be the same The identity authentication service of the entity pays repeated time and economic costs; the second is the security risks caused by the user password method. It is reported that 10% of users on the network impersonate others to commit cyber crimes; the third is the problem of data privacy security, Facebook count There have been serious privacy leaks.

Correspondingly, the distributed digital identity (DID) based on the blockchain has three advantages: first, decentralization, based on the blockchain, avoiding identity data being controlled by a single centralized authority; second, identity Autonomous and controllable, based on DPKI (Distributed Public Key Infrastructure), the identity of each user is not controlled by a trusted third party, but by its owner, and individuals can manage their own identities independently; the third is trusted data Exchange, identity-related data is anchored on the blockchain, and the authentication process does not need to depend on the application party providing the identity.

"On the surface, DID is just a new type of global unique identifier, but at a deeper level, DID is a new type of distributed digital identity for the Internet." Said Mao Hongbin, a R & D engineer at Baidu Intelligent Cloud.

According to the 2019 digital report released by We Are Social and Hootsuite, the global population is 7.676 billion people, of which 4.388 billion are Internet users, accounting for 57%. And a McKinsey research report on digital identity released in January this year revealed that if digital identity is popularized and implemented correctly, 78% of informal workers in low-income countries will benefit, and 110 billion hours will pass government services, The streamlining of social security has been saved.

As far as China is concerned, in 2018, the scale of China's digital economy reached 31.3 trillion yuan, accounting for 34.8% of GDP, and it has become an important engine of China's economic development. It is predicted that by 2030, China's digital economy will account for more than 50% of GDP, and it will fully enter the digital economy era. Therefore, distributed digital identity is an inevitable trend and choice for the development of the Internet to this day.


1. Zhang Yifeng and Ping Qingrui "China Blockchain Development Report (2019) Technology Innovation" 2. Christopher Allen "The Path to Self-Sovereign Identity", April 25 2016 3. Mao Hongbin, Baidu Intelligent Cloud R & D Engineer, "Distributed Digital Identity ", 2019.11.21