Getting your Trinity Audio player ready... |
A user-managed, universal digital identity will make life more secure for users, but it’s only possible if major mobile OS makers (iOS/Android) lift their restrictions on communications between apps.
Project Babbage Founding President Ty Everett has posted a petition at Change.org calling for these changes but adds that if the call isn’t heeded, it may be necessary to develop entire new mobile operating systems.
To be clear, the “digital identity” we’re referring to here is based on the Metanet vision for Web3. Such an identity would be entirely user-owned yet secure access to other apps and online services that currently use account names and passwords. It would enhance privacy and give control over personal data back to its owners.
People could use this identity system to encrypt their data, digitally sign messages and verify documents, as well as facilitate transactions. The average person manages (or fails to manage) 70-80 different passwords for various services. Though many use some form of password manager to handle these, it’s still a cumbersome process involving copy/pasting and manual set-ups on different devices. Most still resort to writing passwords down on paper or using the same password across multiple services, which presents a huge security vulnerability.
🚀🚀https://t.co/meU5O30Hjl is LIVE!
Sign our petition to urge Apple & Google let web3 identity manager apps onto the App Store and Google Play! For too long, everyone’s identity has been fragmented across platforms. MetaNet fixes this on computers, let’s fix it for phones too.
— Babbage (@ProjectBabbage) July 22, 2024
Everett revealed the domain OwnYourOwnIdentity.org in an X post, which redirects to the Change.org petition (at least for the time being). Reading the statement, it appears Everett isn’t confident the mobile OS giants will respond and noted that Project Babbage is “taking proactive steps to develop a new custom operating system that empowers users to own their digital identity fully.”
“However, we hope it doesn’t come to this and earnestly appeal to these technology behemoths to consider our plea.”
So what’s the problem with mobile apps?
In order to have a digital identity system that works seamlessly across multiple devices and services, there needs to be some form of direct information sharing between apps. On desktop systems, Everett explains, this is easily done because applications can talk to each other via IPC, or inter-process communication. However, mobile apps conform to stricter security standards, and IPC is limited to widely used mobile operating systems.
iOS “sandboxes” apps, which don’t allow data sharing at all, or use XPC (cross-process communication), which is limited to apps from the same developer. Android technically supports IPC through the Binder framework, but they can’t access system-level services without root access.
Apple (NASDAQ: AAPL) and Google (NASDAQ: GOOGL) claim these restrictions are necessary security features, but Everett says they merely prioritize control and profit over user freedom and privacy. Restricting IPC on mobile devices obstructs innovation and prevents developers from creating a universal digital identity system that other services can plug into.
“Large companies like Apple and Google have a choice: they clearly have the ability to lift these restrictions, but it would not serve their bottom lines to do so,” said Everett. “However, we are not waiting for them to change. We are taking proactive steps to develop a new custom operating system that empowers users to own their digital identity fully.”
The term “digital identity” has a bad rap in some circles because it often refers to a hypothetical centralized, government-owned, and government-mandated form of ID with the same privacy and security concerns that exist for online services today. Breaches of online databases, which occur far too often, frequently result in identity theft and loss of money. There’s also no way of knowing who has access to your identity data (or for what purpose), even when that access is legitimate.
User-owned and blockchain-based digital identity management, whether it’s called “Metanet” or simply “Web3,” would solve the centralized data repository problem for digital IDs. The issue, as always, is whether governments and corporate giants will allow it to become widely used or will always prefer users to remain within their centralized control zones.
Watch: BSV blockchain turns developers’ vision into reality