HYPERSIGN: Replacing trust in IDP with DID

Protecting one's personal data from misuse by a third party that aims to use it without permission is a necessity in today's world. The data referred to here is any information that points to a particular individual, usually pieces of information that relate to a particular person when collected together. Many companies are looking for access to people's personal data to boost their sales or productivity, most of the time without permission from the owners.

There are many ways of giving out this information online, but the most common is through social logins. Wikipedia defines social login as a form of single sign-on using existing information from a social networking service such as Facebook, Twitter or Google to sign into a third-party website instead of creating a new login account specifically for that website. Note that social login was created to simplify logins for end users as well as to provide more and more reliable demographic information to web developers, giving out reliable personal data in the process.

These social networking services are referred to as IDPs (Identity Providers); they are trusted with a user's personal information. Protocols looking to combat leaks of personal data, like Hypersign, identified many problems while analysing social logins through IDPs. These range from legacy authentication and central storage to data misuse, tracking and tracing. In current identity systems, the IDP sits at the center of the ecosystem, making it a critical and trusted entity. It is never good to put too much trust in a system that is centralised, which is why DID is required to replace that trust.

What is DID?
A Decentralized Identifier (DID) is designed to enable individuals and organizations to generate their own identifiers using systems they trust. It gives users control over the system by letting them authenticate with cryptographic proofs such as digital signatures. The main idea is to let the user, instead of a third party, be the owner of their own data. This is far better than placing trust in IDPs, as it:
- does not unnecessarily reveal personal information.
- cannot be fraudulently replicated and asserted by a malicious third party: zero identity theft.

Introducing Hypersign
Hypersign is a project that tackles problems associated with logins: storage of user personal data, tracking & tracing, data misuse, legacy authentication using passwords that require too much trust. It uses DID to replace IDPs.

Features of DID on Hypersign
=> Users give personal data to issuers, which verify it and issue cryptographically signed documents.

=> The end-user can store the verifiable credential in any user-agent such as a mobile device or cloud agent which only they have access to.

=> The user can now present this credential to the service provider, in a peer-to-peer fashion without notifying the identity provider or the issuer.

=> The verifier need not rely on the issuer or the IDP to be available online for verification of credentials given by the user.
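
The flow in the list above, as an added example that is not Hypersign's own code: an issuer signs a credential, the holder presents it with a signature over a fresh challenge, and the verifier checks both signatures using only an issuer public key it already holds. The function names, the simplified JSON credential layout (not a standard credential format) and the `did:example:` identifiers are assumptions made for illustration; Ed25519 from Node's built-in crypto module stands in for whatever signature scheme a real deployment uses.

```javascript
const nodeCrypto = require('node:crypto');

// Hypothetical helper: an Ed25519 key pair standing in for the keys behind a DID.
const newKeyPair = () => nodeCrypto.generateKeyPairSync('ed25519');
const b64 = (buf) => buf.toString('base64');

// Issuer: sign the exact payload string; it travels with the credential so the
// verifier never re-serializes JSON. The holder's public key is bound into it.
function issueCredential(issuerKeys, issuerDid, holderDid, holderPublicKey, claims) {
  const subjectKey = b64(holderPublicKey.export({ type: 'spki', format: 'der' }));
  const payload = JSON.stringify({ issuer: issuerDid, subject: holderDid, subjectKey, claims });
  return { payload, proof: b64(nodeCrypto.sign(null, Buffer.from(payload), issuerKeys.privateKey)) };
}

// Holder: present the stored credential and sign the verifier's fresh challenge.
function present(holderKeys, credential, challenge) {
  const holderProof = b64(nodeCrypto.sign(null, Buffer.from(challenge), holderKeys.privateKey));
  return { credential, challenge, holderProof };
}

// Verifier: needs only issuer public keys it already trusts (Map of DID -> KeyObject);
// no call to the issuer or an IDP is made.
function verifyPresentation(presentation, expectedChallenge, trustedIssuers) {
  const { credential, challenge, holderProof } = presentation;
  if (challenge !== expectedChallenge) return { ok: false, reason: 'stale or foreign challenge' };
  let body;
  try { body = JSON.parse(credential.payload); } catch { return { ok: false, reason: 'malformed credential' }; }
  const issuerKey = trustedIssuers.get(body?.issuer);
  if (!issuerKey) return { ok: false, reason: 'unknown issuer' };
  const sigOk = (data, key, sig) => nodeCrypto.verify(null, Buffer.from(data), key, Buffer.from(sig, 'base64'));
  if (!sigOk(credential.payload, issuerKey, credential.proof)) return { ok: false, reason: 'bad issuer signature' };
  // The payload is now authentic, so the subject key inside it can be trusted.
  const holderKey = nodeCrypto.createPublicKey({ key: Buffer.from(body.subjectKey, 'base64'), format: 'der', type: 'spki' });
  if (!sigOk(challenge, holderKey, holderProof)) return { ok: false, reason: 'holder does not control subject key' };
  return { ok: true, claims: body.claims };
}

// Constructed sample run: the DIDs, claim and nonce are made up for this example.
function demo() {
  const issuer = newKeyPair(), holder = newKeyPair();
  const trusted = new Map([['did:example:issuer', issuer.publicKey]]);
  const cred = issueCredential(issuer, 'did:example:issuer', 'did:example:holder', holder.publicKey, { over18: true });
  return verifyPresentation(present(holder, cred, 'nonce-1'), 'nonce-1', trusted);
}
console.log(demo());
```

The challenge check is what stops a copied credential from being replayed by someone who does not hold the subject's private key.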