Passwords and logins have been the cornerstone of computer security across almost all account-based applications and websites for decades – but they’ve also been a consistent pain point.
The average person has over 100 passwords, with an estimated quarter of us losing one every single day. The implications of complex passwords being lost and simple ones being hacked led the tech giants of the Web2 world – like Google, Apple, and Microsoft – to launch an alternative known as “Passkeys.”
Developed by the FIDO Alliance, Passkeys enable digital users to log in to accounts on websites and applications straight from their devices without usernames or passwords, eliminating the need to create hundreds of different logins for every service we use once and for all.
Passkeys create a massive leap for usability and security if websites and users adopt the system. But they come with one glaring concern: they are entirely centralized. When a user enables passkeys to log in to any service, they’re placing trust in a single company to hold the private keys that grant access to websites. The more you use passkeys, the more your identities will be controlled by one powerful entity. Sounds great, until you get de-platformed.
If a user were to violate their agreement with the provider – like breaking Apple’s terms of service – the provider has the power to strip the user’s account access and, with it, access to every single online service for which the user relies on passkeys.
It’s one thing to be de-platformed from Twitter or Facebook. It’s an entirely different thing to be shut out of every single account you have.
With Web2 solutions, the trade-offs are clear. If you want a good user experience, you need to give up your personal data, and now you need to give up control of your access to that data.
The Problem With Identity in Web3 Today
In today’s Web3, ‘logging in’ to a service takes on a new form entirely, but it’s still “all-or-nothing.”
Web3 users can seamlessly connect their wallet to a service without the need for an intermediary, a password, or a login at all. With popular user interfaces like MetaMask, in just a couple of taps, a Web3 user can authenticate to a dApp – enabling smooth onboarding and quick transactions.
The process is trustless. No entity can take your account away from you or apply permissions to what services you can and can’t use. You are a sovereign entity on the internet, beholden to no one.
But there’s a BIG catch.
You don’t get to choose what information you share. You share everything in your wallet… all at once.
In Web2, whenever you shop online, join a book club, or set up a social networking profile, you create your account on each of those platforms based on the information you choose to provide. Your account is what identifies you on each platform and enables you to selectively share data that you might see fit for one service, yet not for another. Whether it’s the email address you use to sign up or your home delivery address – you decide what relevant identity you share.
Web3 dApps today don’t offer the same flexibility.
The universal identity tied to a user’s single wallet removes stiff service account setup processes, but for the most part, this process limits user experience to being identified based on “what you own,” not “who you are.”
This has sufficed throughout the early days of the industry, but as more builders and innovators migrate to Web3, more opportunities will likely lead to new projects that look past finance-only features. Being defined by an account and every asset stored there isn’t going to cut it.
Where Web2 logins mean being bound to a corporation, Web3 logins mean being bound to an account address. If we’re to migrate towards a digital-centric future for everyday living, shouldn’t we be bound to… our identity?
Radix Personas: A User-First Experience
On Radix, ‘logging in,’ like everything else that impacts the User Experience, is radically different.
With the Q2 2023 Radix network upgrade to Babylon, one of the core features of the Radix Network and the Radix Wallet will be “personas.”
Personas allow users to separate their online identity from the account that holds their assets, improving privacy while creating a friction-free, trustless, and permissionless Web3 login experience.
Personas function by leveraging a component on the Radix ledger known as an “identity.”
Identities enable users to access dApps based on who they are – not what they own. They use a system similar to passkeys but with one HUGE difference. Personas are fully decentralized and secured by the Radix Network, rather than relying on a centralized entity, as when private keys are stored on Apple’s or Google’s servers.
Here’s how it works:
- First, the user connects to a dApp on Radix with Radix Connect.
- Next, the user’s Radix Wallet sends a special piece of cryptographic data that only the verified user of the wallet (and identity owner) can produce.
- After that, the dApp to which the user is seeking to connect verifies the special piece of cryptographic data against identity data on the Radix Network.
- If everything checks out, the user is logged in without requiring a password.
Only then, if an account address (or set of addresses) is necessary to use that specific application, will the dApp ask the wallet for that information.
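One way a dApp could perform the check in the steps above, as an added example rather than Radix's own code. It assumes a challenge-response exchange with Ed25519 signatures; the in-memory ledger, the identity address, the origin and all function names are hypothetical.

```javascript
// Added illustration; not Radix code. All names and formats are assumptions.
const crypto = require('crypto');

const ORIGIN = 'https://dapp.example';       // constructed dApp origin
const IDENTITY = 'identity_placeholder_1';   // constructed identity address

// Stand-in for on-ledger identity data: address -> owner public key.
const ledger = new Map();
// Wallet side: the private key never leaves the wallet.
const walletKeys = crypto.generateKeyPairSync('ed25519');
ledger.set(IDENTITY, walletKeys.publicKey);

// dApp side: outstanding single-use challenges with an expiry time.
const pending = new Map();
function issueChallenge(now = Date.now()) {
  const challenge = crypto.randomBytes(32).toString('hex');
  pending.set(challenge, now + 60_000);
  return challenge;
}

// The signed message binds challenge, origin and identity together so a
// proof made for one site or one login cannot be reused for another.
function loginMessage(challenge, origin, identity) {
  return Buffer.from(['login-v1', challenge, origin, identity].join('\n'));
}

function walletSign(privateKey, challenge, origin, identity) {
  const sig = crypto.sign(null, loginMessage(challenge, origin, identity), privateKey);
  return { challenge, identity, signature: sig.toString('hex') };
}

function verifyLogin(proof, now = Date.now()) {
  const expiry = pending.get(proof.challenge);
  pending.delete(proof.challenge);               // consume: blocks replay
  if (expiry === undefined || now > expiry) return false;
  const publicKey = ledger.get(proof.identity);  // look up identity data
  if (!publicKey) return false;
  // The dApp rebuilds the message with its own origin, not one the client sent.
  const msg = loginMessage(proof.challenge, ORIGIN, proof.identity);
  return crypto.verify(null, msg, publicKey, Buffer.from(proof.signature, 'hex'));
}
```

The proof carries no account address or personal data; it shows only that the sender controls the key registered for that identity.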
With personas, users can selectively share data from their Radix Wallet with websites. A user always has total and complete control over what information those websites are allowed to see.
With the Radix Wallet, users can have multiple personas and associate various pieces of personal data with a chosen persona for easy sharing.
For example, if one website wants to ask for your email address, the website will make a request to your wallet, and – if approved – the wallet provides the email address you associated with the persona you logged in with. So your work email is associated with your work persona, while your personal email is associated with your home persona.
If a website needs a piece of data every time you connect, it can even ask permission to automatically get it from the wallet every time.
Just like you always have control over what information you share, you also always remain in control of what permissions a website has to read personal data from your persona.
While personas use on-ledger identities to log in, personal data is never stored on-ledger – it is only shared directly from wallet to website.
Thanks to the multi-factor recovery features possible with the identity component, there’s also no loss of a user’s entire online identity and access to all their platforms should they lose the device or seed phrase – fixing one of the biggest problems in today’s Web3. (To learn more, see Smart Accounts and the End of Mandatory Seed Phrases)
With personas, Web3 will have a radically different user experience.
Paving the Way For Tomorrow’s Users
Developments in the Web2 space – like passkeys – may seem like a shift towards ‘user-first technology,’ but if we’ve learned anything from the past, handing things like our identity over to megacorps isn’t a good idea and could have severe consequences for user sovereignty as we migrate towards a more digitally-centric world.
Web3 will eventually remove the centralized dominance that has long lingered over logins and online identity, but the Web3 available today offers its own version of an ‘all-or-nothing’ login ultimatum each time a user is expected to strip their unique identity and represent themselves as a wallet (and its contents).
While this might have sufficed for the days of demo DeFi, the industry needs to up its game. Web3 isn’t about giving people back ownership over their finances, it’s about giving people back ownership. If we want to enable a global shift from Web2 to Web3, we need to build the tools that can actually make that happen.
The good news? Radix has done just that.
At #RadFi2022, the team behind Radix unveiled a radically new chapter for Web3. The Radix Wallet – set to launch with Radix’s Babylon release in 2023 – is the first ever Web3 wallet built for a mainstream market. Still not convinced? Watch the Radix Wallet Keynote to learn more about its revolutionary technology and features like personas here. To read more about personas, head here.