Hackers do not break in, they log in. Cybercrime has evolved beyond traditional notions of hackers breaking into servers. Instead, criminals frequently exploit weak passwords and log in undetected, leading to widespread digital fraud. The industry has responded by implementing solutions based OTPs and PKI certificates, however, hackers are not far behind and the security industry needs to constantly keep moving to maintain an edge. At the same time, there is an ever-growing amount of privacy legislation to comply with.

In this blog post, we discussed with Awais Ahmad, CTO of 12iD, the implementation of Ledger technology within the 12iD app and what this means for cyber security and the user experience. Awais, a software leader and developer with over a decade of experience, specializes in backend development, integrations, platforms, and transaction development. 

We’ll explore the unique aspects of Ledger technology and its differentiation from other authentication services.

What is ledger technology and how is it used in the 12iD app?

Basically, what we use in the 12iD app is called Distributed Ledger Technology (DLT). DLT is a distributed set of nodes that can provide consensus (agreement) about replicated encrypted data. This means that the data is processed on multiple computers, so it is not vulnerable to hacking or tampering.

Currently, there are two main ways to create an identity solution:

Centralized: All identity data is stored on a single server (database) in a centralized system. In this solution, the ID solution company would be the core of the system and would manage and maintain the identity of all users. This makes the data more vulnerable to attack and limits its clients to work only under local jurisdiction.

Decentralized: In a decentralized system, like ours, the solution is rather reliant on multiple nodes, improving security. Because the data is stored by each individual Issuer and not by a separate central entity, it complies with any country's regulation, making it a scalable and truly global solution.

How does DLT improve cyber security?

DLT improves cyber security in several ways:

• Decentralization: Having decentralized data is safer and less vulnerable to attack than having a single server since several servers would need to be breached.

• Zero-knowledge proof: Since ID information is only interchanged in the form of hashes, identity theft becomes virtually impossible.

• Scalability: DLT allows nodes to be added or removed from the network as the need arises allowing the 12iD solution to scale as needed.

• Availability: A distributed architecture such as 12iD has higher availability and robustness compared to traditional centralized systems.

How does DLT improve the user experience?

12iD DLT system can improve the user experience by:

• Zero-knowledge proof: 12iD uses zero-knowledge proof, which means that the user’s identity data is never revealed to the 12iD. This also means that the Issuer is fully in control of the user data.

• Multi-factor authentication: 12iD allows the use of multi-factor authentication, which means that the user must provide multiple pieces of information to authenticate themselves.

• Ecosystem: 12iD enables an ecosystem of different Issuers allowing users to access a variety of services across all connected companies through the 12iD app.

• Visibility: The user is informed of the information shared with the provider with each authentication.

12iD offers a combination of all the above which makes it a truly unique offering.

Conclusion

DLT is a promising new technology that has the potential to revolutionize the way we manage identity data. 12iD is at the forefront of this revolution, and its service offers a secure, convenient, and scalable way to manage identity data. To learn more don't hesitate to contact us!