令牌化为身份数据的存储，共享和保护提供了基本转变

我们当前的身份验证系统被打破了。过去一年中的几起事件证明了使用过时的系统的危险

Our current identity verification system is broken. Several incidents in the past year prove the danger of using outdated systems in which consumers are forced to repeatedly share the same core identifiers — like SSNs, birth dates and biometrics — across countless digital platforms.

我们当前的身份验证系统被打破了。在过去的一年中，几起事件证明了使用过时的系统的危险，在这些系统中，消费者被迫反复共享相同的核心标识符（例如SSN，出生日期和生物识别技术）在无数的数字平台上使用。

In October 2023, a breach at 23andMe exposed genetic and ancestry data from nearly seven million users, including names, birth years and locations. Months later, hackers infiltrated Snowflake’s customer environments, compromising sensitive records from companies like AT&T and Ticketmaster. Then, in August 2024, National Public Data reported that 2.9 billion records had been stolen — nearly every American’s personal information, including Social Security numbers, now potentially in the hands of bad actors.

2023年10月，违反了23AndMe的违规行为，揭示了近700万用户的遗传和祖先数据，包括姓名，出生年份和位置。几个月后，黑客渗透了雪花的客户环境，损害了AT＆T和Ticketmaster等公司的敏感记录。然后，在2024年8月，国家公共数据报告说，有29亿个记录被盗了 - 几乎每个美国人的个人信息，包括社会保险号，现在可能掌握在不良行为者手中。

These incidents are symptoms of a more significant problem where the more our personal data circulates in its raw, reusable form, the more we risk, not just in financial loss but in privacy, trust and individual autonomy. Traditional cybersecurity approaches can’t keep up. We need a foundational shift in how identity data is stored, shared and secured.

这些事件是一个更重要的问题的症状，即我们的个人数据以原始，可重复使用的形式循环越大，我们的风险越多，不仅在财务损失，而且在隐私，信任和个人自治方面。传统的网络安全方法无法跟上。我们需要对身份数据的存储，共享和保护的方式进行基本转变。

Tokenization offers that shift.

令牌化提供了这种转变。

Tokenizing PII as the Foundation of Digital Identity

将PII作为数字身份的基础

Tokenization replaces sensitive information with secure, non-sensitive equivalents. Here’s how it works: Imagine you’re making an online purchase with your credit card. The retailer’s payment system, instead of storing your actual 16-digit card number, replaces it with a randomly generated token, such as “XJ84-KL92-PQ76”. This token has no intrinsic value and cannot be traced back to your actual card number if intercepted by hackers. When you complete the purchase, the token is securely mapped back to your real payment information by a trusted tokenization system, ensuring both security and seamless transaction processing.

令牌化用安全的，非敏感的当量代替敏感信息。它的工作方式如下：想象您正在使用信用卡进行在线购买。零售商的支付系统，而不是存储您的实际16位卡号，而是用随机生成的令牌替代了它，例如“ XJ84-KL92-PQ76”。该令牌没有内在的值，如果黑客拦截，则不能将其追溯到您的实际卡号。完成购买后，令牌将通过受信任的令牌化系统牢固地映射到您的真实付款信息，以确保安全性和无缝交易处理。

The financial sector has already proved this works — Visa has issued over 10 billion tokens, reducing fraud by 60% and preventing hundreds of millions in losses. It’s time to apply the same model to personal identity.

金融部门已经证明了这项工作 - 签证已发行了超过100亿个令牌，将欺诈量减少了60％，并防止了数亿美元的损失。现在该将相同模型应用于个人身份的时候了。

Understanding Verified Trust Credentials

了解已验证的信任证书

Verified trust credentials (VCs) are tamper-proof digital versions of physical ID attributes, such as biographic and biometric information, including foundational documents like driver’s licenses and passports. Cryptographically signed and secured, VCs can be validated instantly without lengthy manual checks or repeated exchanges of personal information between individuals and relying parties.

经过验证的信任凭证（VC）是物理ID属性的防篡改数字版本，例如传记和生物特征信息，包括驾驶执照和护照等基本文件。通过密码签名和确保，可以立即对VC进行验证，而无需长期的手动检查或个人之间的个人信息和依赖方之间的重复交流。

A reusable verifiable trust credential typically comprises three key components:

可重复使用的可验证信任凭据通常包括三个关键组成部分：

By tokenizing VCs, individuals can verify who they are without exposing unnecessary details and organizations can validate both the credentials and the trustworthiness of their source.

通过使VCS进行象征化，个人可以验证自己是谁而不揭示不必要的细节，组织可以验证其来源的凭据和可信赖性。

These credentials live in digital wallets, enabling users to control what they share and with whom, drastically reducing exposure while maintaining security.

这些凭据生活在数字钱包中，使用户能够控制他们共享的内容以及与谁共享的内容，从而在维持安全性的同时大大降低了曝光率。

A Privacy-First Digital Ecosystem

隐私优先的数字生态系统

The tokenization of VCs marks a major evolution in how digital identity is managed. Imagine a future where educational degrees, licenses, background checks and IDs are stored in one secure wallet and shared only as needed.

VCS的令牌化标志着如何管理数字身份。想象一个未来，将教育学位，许可，背景调查和ID存储在一个安全的钱包中，只根据需要共享。

This is already happening. Some universities issue degrees as verifiable credentials, allowing students to share their academic achievements instantly with employers or other institutions. Professional licenses, certifications and government IDs could follow.

这已经在发生。一些大学将学位视为可验证的证书，使学生可以立即与雇主或其他机构分享学业成就。可以遵循专业许可，认证和政府ID。

In healthcare, tokenized credentials could revolutionize patient data sharing. Patients could grant secure, temporary access to records, keeping control while improving care coordination.

在医疗保健中，令牌资格可以彻底改变患者数据共享。患者可以授予安全的临时访问记录，在改善护理协调的同时保持控制。

In the gig economy, workers could share tokenized background checks or verified skills, increasing trust between platforms, clients and workers.

在零工经济中，工人可以共享标记的背景调查或经过验证的技能，从而增加平台，客户和工人之间的信任。

Financial institutions could also benefit. Tokenized credentials streamline KYC and AML processes by allowing users to share just the required verified data points — like proof of address or income — without oversharing personal details.

金融机构也可以受益。令牌化的凭证通过允许用户仅共享所需的验证数据点（例如地址证明或收入证明）而简化KYC和AML流程，而不会超越个人详细信息。

The applications extend to age verification, borderless credential checks, and even secure online voting systems.

这些应用程序扩展到年龄验证，无边界凭据检查，甚至是安全的在线投票系统。

The Future of Digital Identity Verification and Screening

数字身份验证和筛选的未来

The internet was designed for open communication, not for secure identity. It lacks a built-in identity layer, so there’s no universal, standardized way to verify users across platforms. This gap has made PII vulnerable to breaches, fraud and misuse.

互联网是为开放通信而设计的，而不是为了安全的身份。它缺少内置的身份层，因此没有通用的标准化方法可以跨平台验证用户。这个差距使PII容易受到违规，欺诈和滥用的攻击。

Traditional defenses can’t keep up. Tokenization fills that missing layer, giving individuals the power to verify identity and build trust online, without surrendering control of their private data.

传统的防御能力无法跟上。令牌化填充了缺少层的层，使个人有能力验证身份并在线建立信任，而无需交出对其私人数据的控制。

This isn’t just a best practice — it’s a fundamental necessity in a world of rising cyberthreats, evolving regulations and AI-powered decision-making. If we want privacy, trust and resilience in our digital infrastructure, tokenization is no longer optional. It’s essential.

这不仅是最佳实践，而且是在不断上升的网络威胁，不断发展的法规和AI驱动决策的世界中的基本必要性。如果我们想要对数字基础架构的隐私，信任和弹性，那么令牌化将不再是可选的。这是必不可少的。