Term · 27. Emerging Categories 2024-2026
Decentralized Identifiers DID
Decentralized identifiers (DIDs) are a W3C standard for globally unique identifiers that a person, organization or thing can create and control without a central registry. Each DID resolves to a document containing public keys and service endpoints, enabling cryptographically verifiable, self-controlled identity. DIDs are the foundation of decentralized identity and verifiable credentials, letting users prove claims about themselves without depending on the issuer being online.
Definition
W3C standard (DID v1.0, 2022) for globally unique identifiers controlled by the identity subject, not a central authority. Resolved via blockchain, DLT, or other decentralized verifiable data registries. Foundation for Self-Sovereign Identity (SSI) and Verifiable Credentials. Format: did:method:identifier (e.g., did:web:identigy.com, did:key:z6Mk...).
- Synonyms
-
- DID method
- W3C DID
- Self-controlled identifier
- Application
- Regulatory: ISO/IEC 24760 / 27001 / 29115 · W3C — WebAuthn / DID Core
MidPoint: An identifier that does not require centralized registration authority.
- Standards & regulations
-
- ISO
- W3C
- Sources
-
- W3C DID Core 1.0 (Recommendation, 2022) primary source
- DIF (Decentralized Identity Foundation) industry commentary
Related terms
-
Verifiable Credentials (VC)
W3C standard (VC v2.0, 2024) for cryptographically signed digital credentials issued by an authority and presented by a …
-
Availability
Availability — property of being accessible and usable on demand by an authorized entity. One of the three core informat …
-
BeyondCorp
Google's enterprise Zero Trust security model published in 2014, eliminating the concept of a trusted internal network. …
-
Continuous Adaptive Risk and Trust Assessment (CARTA)
Gartner framework introduced 2017 — a security posture that continuously evaluates risk and adjusts trust assertions thr …
-
CMMC (Cybersecurity Maturity Model Certification) (CMMC)
US Department of Defense framework certifying cybersecurity practices of Defense Industrial Base (DIB) contractors handl …
-
CSA CCoP (Cybersecurity Code of Practice for CII, Singapore) (CSA CCoP)
Singapore Cyber Security Agency's mandatory Code of Practice for Critical Information Infrastructure (CII) operators acr …
Frequently asked questions
How is a DID different from a username or email?
A username is issued and controlled by a provider who can revoke it. A DID is created and controlled by its owner, backed by cryptographic keys, and does not depend on any single provider — it is portable and self-sovereign.
What are DIDs used with?
DIDs underpin verifiable credentials (VCs): an issuer signs a credential bound to a DID, and the holder presents it to a verifier who checks the signature. This enables privacy-preserving proofs like over-18 without revealing extra data.
Are DIDs widely adopted?
They are maturing: the W3C DID Core spec is a standard, and pilots exist in digital wallets, education and government ID. Adoption is early but growing alongside the EU Digital Identity Wallet and similar initiatives.