DIF’s ED Kim Hamilton Duffy and SC member Steve McCown delivered a Technical Mastery Sprint to a packed audience on the opening day of the 2024 European Identity and Cloud conference.
Steve highlighted the scale of internet security and data privacy problems, noting that some 25 billion login credentials had been leaked to the dark web by 2022, a 65% increase from 2020. Identity is the hackers’ real objective, since this is what enables lucrative fraud schemes. This threat impacts both individuals (what happens when your biometrics are stolen?) and organizations, 98% of which have relationships with at least one vendor that has experienced a breach within the past 2 years, according to the Cyentia Institute.
Steve and Kim introduced key decentralized identity building blocks including Decentralized Identifiers (DIDs), DID methods, DIDComm, wallets and agents, and how they can help address the current privacy and security challenges. They emphasized that these elements can be readily incorporated into existing systems, demonstrated by the growing use of decentralized identity to create on-ramps between Web2 and Web3 (and now Web5) applications.
Sam Curren demonstrated a new protocol that bridges DIDComm and OpenID Connect, facilitating eIDAS-compliant integration of DI within the EU digital identity wallet to enable new use cases.
Steve and Kim spoke about how trust is established in a world where anyone can issue credentials, and highlighted several approaches that are gaining traction, including Trust over IP Foundation Trust Registries and DIF Credential Trust Establishment.
Kim outlined credential issuance and exchange flows and highlighted some implementation challenges, solutions and best practices, including credential storage and key management, and provided tips for managing a DI project and how to get started. She also outlined several existing government, educational, workforce management and supply chain use cases, and wrapped up the session with a live demonstration of DID creation and credential issuance using the Veramo CLI toolkit.
The session generated strong audience engagement, with Kim and Steve answering questions on topics including the trust relationship between issuers and relying parties, delegated authority (e.g. where a parent manages their child’s credentials), credential revocation, reconciling multiple user accounts, the need for centralized record keeping (e.g. for regulatory compliance), key storage and wallet recovery.
Look out for a more in-depth post where we provide their answers!