In our recent live workshop, Introduction to Decentralized Identity, Richard Esplin (Dock Labs' Head of Product) and Agne Caunt (Dock Labs' Product Owner) explained how digital identity has evolved over the years and why decentralized identity represents such a fundamental shift.
If you couldn’t attend, here’s a quick summary of the three main identity models they covered:
Centralized Identity: Every system is its own silo
In the early days of networked systems, each organization managed its own database of usernames and passwords.
This worked fine when people only needed access to one or two systems, but as the number of services grew, so did the problems:
- Endless account creation and password resets
- High administrative overhead for IT teams
- “Honeypot” databases that became prime targets for hackers
Every application had its own identity store, and none of them communicated with each other.
Federated Identity: A shared source of truth
In the late 1990s and early 2000s, federated identity emerged to solve those issues.
Instead of every system managing its own users, a single Identity Provider (IdP) could authenticate users across multiple applications.
Think of logging in to different services using your Google or Microsoft account.
This model simplified access and made user management easier, but it also introduced new challenges:
- Each relying party still had to integrate separately with the IdP
- Those integrations could break easily
- The IdP itself became a single point of failure and a major target for attackers
Federation improved usability, but it reduced scalability and resilience.
Decentralized Identity: Data that moves with the user
Over the past decade, a third model has emerged: decentralized identity.
Instead of a single provider storing everyone’s data, each user keeps their verified data inside a secure digital identity wallet and can present it wherever needed.
Here’s how it works:
- A trusted issuer (such as a bank, university, or government) verifies a person’s data and signs a verifiable credential.
- The user (holder) stores that credential in their wallet, either on their phone or in the cloud.
- When they need to prove something, they share only the required data with a verifier, who can instantly check the credential’s authenticity without contacting the issuer.
This model gives users control, strengthens privacy, and removes centralized honeypots while making onboarding and verification faster and more secure.
The Paradigm Shift: From organization-centric to user-centric identity
This evolution is not just technical; it is architectural.
Traditional systems are organization-centric, meaning each company builds and maintains its own identity infrastructure and controls who users can interact with and what data they share.
In the user-centric model, the balance of control changes:
- Users hold and share their own verified data instead of organizations storing it for them.
- Trust flows cryptographically, not through central intermediaries.
- Privacy and consent are built into the architecture by design.
- Organizations still benefit because they can instantly verify trusted data without managing identity silos.
As Richard explained:
“We move from the organization holding the data and controlling the ecosystem, to the user holding the data and deciding where it’s shared.”
