Today, it’s common for the apps to require that their users prove their identity and other credentials; however, the authentication process discloses a number of unnecessary and potentially sensitive personal information along the way.
For instance, in order to access an online streaming-movie service’s app, users might have to prove that they have a paid subscription and are over 18 years old. Usually that would mean revealing their full date of birth along with various other personal details that aren’t actually necessary for the proof, like first and last name, address, etc.
As such, Identity Mixer helps protect users’ privacy by focusing on only the essentials of the evidence. The credit goes to a set of algorithms based on cryptography by at IBM Research that allows developers to build apps that can authenticate users’ identities using a “zero-knowledge proof” that records no personal data.
Particularly, Identity Mixer authenticates users by enquiring them to offer a public key. Each user has a single secret key that corresponds with multiple public keys. Each transaction a user makes receives a different public key leaving no privacy “breadcrumbs.”
In the streaming service example above, users would have both identity and subscription credentials stored in a personal Credential Wallet. To reach a movie, users could use that electronic wallet to prove that they’re entitled to watch the selected content without having to expose any other details.
IBM’s new technology is really a great boon for preventing personal data of individual as well as professional data.