Traditional identity and access management frameworks are no longer scalable, and commercial systems are at a breaking point for users. We explore this subject in our just-published Predicts 2023: Users Take Back Control of Their Identities With Web3 Blockchain
Various solutions – ranging from centralized password managers to federated identity management – have failed to gain adoption since Bill Gates predicted the death of passwords in 2004.
Traditional password-based security is headed for extinction, said Gates in 2004, because it cannot “meet the challenge” of keeping critical information secure.
Things have only gotten worse and critical information has become even less secure in the past two decades, but
Web3 decentralized identity (DID) integrated with Web 2.0 verifiable credentials finally offers a viable scalable solution.
See Figure 1 below from Guidance for Decentralized Identity and Verifiable Claims by Homan Farahmand which describes the wallet component of this architecture:
Predicts 2023: Users Take Back Control of Their Identities With Web3 Blockchain lays out a roadmap for how Web3 DCI will enable user control of identity data, while supporting verifiable credentials from Web 2.0 IAM systems they interact with.
For this to occur, organizations must support their IAM processes from new Web3 DCI frameworks. At the same time, Web3 ‘killer’ applications that require identity management must gain widespread adoption. This is a tall order – and our predictions count on it happening over time. Unique innovative DCI tech solves numerous identity and authentication challenges of systems that are broken today.
- By 2027, hybrid NFT identities (identity wallets, with both verifiable claims, and NFT identities) will be used by more than 50% of metaverse users for their online persona.
- By 2026, at least 500 million smartphone users will be regularly making verifiable claims using a digital identity wallet built on distributed ledger technology.
- By 2027, social media platform models will shift from “customer as product” to “platform as customer” of decentralized identity sold through data markets.
Use Cases Rolling Out
We are already witnessing promising production implementations that support this paradigm shift. In Spain the wildly popular Cadiz C.F. Soccer Club implemented decentralized mobile identity wallets that give fans password free access to the club’s digital services and physical access to the stadium. Users own their identity data and decide when and what to share with sponsors and advertisers. This implementation, developed by Wise Security, is based on industry standards, so fans will be able use the same credentials at different service providers who accept them.
Our advice to enterprises:
- Prepare to bridge current Web2.0 applications with new Web3 IAM technology, which solves contention between decentralized and centralized identity.
- And expect stand-alone centralized identity schemes and DCI to coexist for many years to come — leveraging each of them will be necessary to ensure accessibility for the widest range of users.
One thing is certain: Old Habits Die Hard
The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.