The World Wide Web Consortium (W3C), an international organization that creates standards for the World Wide Web, has announced that Decentralized Identifiers (DIDs) v1.0 is now an official Web standard.
This new type of verifiable identifier, which does not require a centralized registry, will enable both individuals and organizations to take greater control of their online information and relationships while also providing greater security and privacy.
A Decentralized Identifier (DID) is a simple text string consisting of 3 parts:— BitKE (@BitcoinKE) October 7, 2022
1) The DID URI scheme identifier
2) The identifier for the DID method, and
3) The DID method-specific identifier pic.twitter.com/sfXyPiQiZE
There is a historical analog to this announcement in the evolution of mobile phone numbers. Originally these were owned by the mobile carrier and ‘rented’ to the individual. This required individuals to change numbers if they changed carriers. With the adoption of mobile phone number portability, individuals could now ‘take their numbers with them’ when switching carriers.
The same is true of most email addresses and social network addresses today – they are not ‘owned’ by individuals and must be changed if the individual changes providers. By contrast, W3C Decentralized Identifiers can be controlled by the individuals or organizations that create them, are portable between service providers, and can last for as long as their controller wants to continue using them.
What’s more, DIDs have the unique property of enabling the controller to verify ownership of the DID using cryptography. This can enable any controller of a DID – an individual, an organization, an online community, a government, an IoT device – to engage in more trustworthy transactions online. For individuals in particular, DIDs can put them back in control of their personal data and consent, and also enable more respectful bi-directional trust relationships where forgery is prevented, privacy is honored, and usability is enhanced.
Fundamentally, Decentralized Identifiers are a new type of globally unambiguous identifier that can be used to identify any subject (e.g., a person, an organization, a device, a product, a location, even an abstract entity or a concept). Each DID resolves to a DID document that contains the cryptographic material and other metadata for controlling the DID. The foundational pillars of the DID specification are:
- DIDs do not require a central issuing agency (decentralized)
- DIDs do not require the continued operation of an underlying organization (persistent)
- Control of DIDs, and the information they are associated with, can be proven cryptographically (verifiable)
- DID metadata can be discovered (resolvable)
Markets adopting DIDs
W3C Decentralized Identifiers, coupled with W3C Verifiable Credentials, are being used across a number of markets where identification and data authenticity is a concern:
- Governments – The US, Canada, and the EU, are exploring the use of DIDs to provide privacy-protecting digital identity documentation for their businesses and residents, which enable those entities to choose how and when their data is shared
- Retailers – Convenience stores, grocery stores, restaurants, bars, and consumer goods companies in the US are utilizing DIDs for new digital age verification programs to increase privacy, checkout speed, and combat the use of fraudulent identity documents when purchasing age-gated products
- Supply chain stakeholders — Global government regulators, trade standards institutions, vendors, shippers, and retailers are using DIDs to explore next generation systems that more accurately verify the origin and destination of products and services, which will streamline and enable the reporting designed to apply correct tariffs, prevent dumping, and monitor trans-shipment
- Workforce – Universities, job training programs, and education standards organizations are adopting DIDs in order to issue digital learning credentials that are controlled and shared by the graduate when applying for higher education or workforce positions
The Work Continues at W3C
W3C, composed of over 450 organizations, has made the investment in W3C Decentralized Identifiers and W3C Verifiable Credentials to ensure a more decentralized, privacy-respecting, and consent-based data sharing ecosystem.
Official standards work will continue on these technologies through the newly re-chartered W3C Verifiable Credentials 2.0 Working Group, which will focus on expanding functionality based on market feedback. Further incubation on future privacy-respecting technologies will occur through the W3C Credentials Community Group, which is open to participation by the general public.
About the World Wide Web Consortium
The mission of the World Wide Web Consortium (W3C) is to lead the Web to its full potential by creating technical standards and guidelines to ensure that the Web remains open, accessible, and interoperable for everyone around the globe.
W3C well-known standards in HTML and CSS are the foundational technologies upon which websites are built. W3C works on ensuring that all foundational Web technologies meet the needs of civil society, in areas such as accessibility, internationalization, security, and privacy. W3C also provides the standards that undergird the infrastructure for modern businesses leveraging the Web, in areas such as entertainment, communications, digital publishing, and financial services. That work is created in the open, provided for free, and under the groundbreaking W3C Patent Policy.
W3C’s vision for ‘One Web’ brings together thousands of dedicated technologists representing more than 400 Member organizations and dozens of industry sectors. W3C is jointly hosted by the MIT Computer Science and Artificial Intelligence Laboratory (MIT CSAIL) in the United States, the European Research Consortium for Informatics and Mathematics (ERCIM) headquartered in France, Keio University in Japan and Beihang University in China.
For more information see https://www.w3.org/.