As soon as you enter the digital world, you must know that your identity security is immediately at risk. It’s mainly the case nowadays since most devices, Internet websites and applications are full of trackers for ad and surveillance purposes. If you don’t watch out, you will quickly discover that you’ve revealed yourself to the world more than you had initially wanted.
This article guides you through securing your identity in the digital world by providing a list of technologies you can use to protect yourself. This list goes from the device you use, how you access the internet, how you authenticate to websites and applications (email and phone number), how you communicate with peers, and finally, how you make payments online.
The technology recommendations are for beginner and intermediate users who want to protect themselves. For those that wish to learn more and for advanced users, there are links to every technology mentioned.
A Secure Device and Operating System
As of September 2022, it is estimated that Android is the most popular operating system in the world, with 43% of the market share. Windows follows it at 29%, Apple iOS at 16%, MacOS at 6%, and desktop Linux at 1.1%. Even though Android is open-source, most versions come by default with Google spyware. For Apple (both iOS and MacOS) and Windows, it’s even worse since you have little control of the device and can’t escape the hold Big Tech has on it. For example, even if you turn off sharing analytics with Apple on your iPhone Settings, that communication remains in the background.
If you want a secure device and operating system, the best technology you can use is an open-source Desktop Linux that is not commercially attached to a company. That immediately discards Ubuntu (Canonical LTD), which is prepackaged with telemetry software that you have to opt out of and has been called spyware by the free software pioneer Richard Stallman. Redhat (Inc) is even worse because you need to create an account and buy a commercial license to use it. There are many options for community-driven Linux distributions, such as Mint, Debian, Fedora, Qubes, TailsOS, etc.
Linux Mint is often recommended for its simplicity and popularity, allowing non-technical users to install it on their desktop or laptop in only a few hours. Here are the instructions on how to do so from the official community website. It’s Debian based, so it has the same software compatibility as Ubuntu.
Although privacy and identity on mobile devices are harder to figure out, it’s still possible to do so. There are modified Android versions that remove every spyware packaged by Google, and one that has received wide approval from the open-source community is GrapheneOS. There is a limited number of devices you can install this operating system onto, but you can find a list of them here. Finally, here are some instructions on how to complete that process.
You now have a desktop or mobile device with an identity-protecting operating system.
Protecting your Identity when accessing the Web
As soon as you communicate with a web server through a browser interface or the command line, your IP address will serve as your identity for communication. You might think there’s little risk associated with that because there’s no immediate identity link. Still, the reality is that the server can estimate a very accurate geographical location, which traces back to you.
Using a VPN to Route your Traffic
Although there’s some controversy about VPN usage, given you use a centralized server to route your traffic, it probably is better to use one than not. Many providers claim to implement a no-logging policy, but it’s hard or impossible to verify if it’s true. A false sense of security won’t blind you if you’re aware of the limitation that the VPN server is aware of your IP address and can be hacked or involved in a leak.
Privacyguides.org is a website maintained by privacy advocate Jonah Aragon that reviews VPNs based on stringent criteria such as open-source clients, independent audits, and accepted private forms of payment. Their only three recommendations are Proton VPN, IVPN, and Mullvad VPN, none of which have been hacked. They have versions for any operating system and you can purchase any of them with bitcoin (more on identity-protecting payments in a different section).
For those worried about performance, Mullvad supports Wireguard, a modern and faster VPN protocol. Here’s an article from Jameson Lopp on how to set up Wireguard for a better web experience.
A Decentralized but Slower Alternative: Tor Network
There are many reasons you would want to use Tor instead of a VPN. First, you simply don’t want to rely on a centralized service because of the risks of leakage or hacking. Also, you don’t want to pay for a more performant and easier-to-use service. Finally, and this is only the case for onion services, you care about the privacy of the website server and not only your own.
Tor (The Onion Router) is a peer-to-peer network comprised of clients like you and voluntary relay servers that route your traffic. Every time you connect to a web server, you hop through many relays before reaching your destination. Each relay knows only the IP address of the previous and the following peer, so making many hops protects your identity from the endpoint and middle relays. Although the entry guard knows your IP address, this information isn’t useful by itself since it doesn’t know your web destination.
Here’s an illustration that demonstrates how the Tor network works.
Tor is available as a client-side application with the Tor Browser and as a server for more complex and technical use cases. You can install Tor Browser here, and for more advanced users curious to know how to run a relay server, the instructions are here.
Using Private Email Addresses and Phone Numbers for Authentication
Now that you can access the internet in an identity-protecting way, you may want to use web services. You already know that most of these services will ask you for an email address or a phone number to sign up, so you will want to equip yourself with services that can provide unlimited accounts without compromising your privacy or security.
Secure and Private Email Addresses
ProtonMail is recommended because of its reputation, encryption security, simplicity, and free plan. Even though they provide a centralized service, they don’t have access to your emails; only you do. The application code is open-source and independently audited by third-party security experts. You can sign up here.
You can also use their complementary service SimpleLogin which provides an additional ten email aliases for free to keep your primary email private from most services. Every email sent to any of these aliases ends up in the same inbox, similar to how you use different addresses to receive bitcoin in the same wallet. For single-use applications without sensible data, you can use a service like TempMail to receive emails on a temporary email address.
VoIP Phone Numbers and International eSim Cards
Phone numbers are trickier since they’re not web-native. Still, getting one without compromising your identity security anywhere in the world is possible. First of all, there are many VoIP (Voice over IP) services available that you can purchase with bitcoin and even some that are free.
I haven’t verified any of those services, so you must research the one you choose to ensure you feel comfortable with the associated risks. Here’s a website where you can find many of those options.
The main limitation of using a VoIP service is that many applications will simply detect that it’s not an actual phone number and will block you from using their service. Also, they’re usually not the most privacy-preserving services out there. Don’t worry; there’s a way to get an actual phone number in a very identity-protecting way.
Silent Link is an available worldwide service that sells eSIM cards for bitcoin for data and a US-based or UK-based phone number. You don’t need an email address, you can just make your bitcoin payment (on-chain or lightning), and you’re good to go.
You will need a mobile device for this, so if you don’t have one, you are stuck with VoIP services to obtain a phone number.
The SilentLink instructions to purchase an eSim Card.
End-to-End Encrypted Communication Tools and Decentralized Social Media
Two of the most critical use cases of the internet are communication and social media. In this section, I will explain the different technologies you can use for private conversations and networking without compromising your identity.
End-to-end Encrypted Communication
The first thing you should not compromise on if you want to protect your identity when it comes to communication, is end-to-end encryption. It’s 2023, and it’s tough to argue the need to use a tool that doesn’t provide this essential feature. Gladly, there are many options that we will go through in this section.
End-to-End encryption is a method that ensures only you and your recipient can read the communicated information, secured by cryptography.
Unfortunately, there isn’t much compatibility between popular communication protocols, so you usually have to use the same client as the person you’re trying to connect with. The most popular ones, such as Facebook Messenger, Instagram, Whatsapp, Twitter, Snapchat, and Skype, are all out of the window since they don’t provide essential identity protection.
If you’re willing to make an effort to get a private phone number, Signal is a solid option that provides ease of use, end-to-end encryption, and many users. Telegram receives many recommendations too, but you have to be careful when using it; only Secret Chats are end-to-end encrypted, and they don’t support groups. However, group communication is at risk of a leak if a single user is compromised or spying on purpose.
Some new applications, such as Keet and Sessions, don’t require phone authentication and are starting to look promising, but their use remains low compared to Signal or Telegram. Some alternatives, like Sphinx, use the Bitcoin Lightning Network for end-to-end encrypted communication in a peer-to-peer fashion, with payment support.
Decentralized Social Media is a Reality
Social Media has always been a nightmare for privacy and censorship resistance, evolving further into a dystopian monopolistic market over the last decade. Mastodon came out in 2016 and has been a way to distribute server control in a federated system. Still, it requires an email address to sign up, and many servers are known for strict control of content policy, often for political or personal reasons.
Lately, a new alternative has emerged named Nostr that uses public-key cryptography for identity (no email address) and a relay model that allows users to switch from one server to another if censored. Nostr is different from other social networks because it has no single point of failure. You can also bring your connections when switching client applications, so a specific service can’t lock you because of its network effect. Here’s a list of clients you can use to sign up for Nostr.
How to Make Identity-Protecting Digital Payments
In this final section, I will dig into the missing key element to protect your identity in the digital world, Bitcoin, and how you can optimize your use to make it private by default.
For transaction purposes, Bitcoin uses addresses; identifiers comprised of random letters and numbers derived from your public key, which derives from your private key. After receiving bitcoin at your address, you can use your private key to spend it, which proves you own the bitcoin.
Blockchain and Network Privacy on Bitcoin
Given Bitcoin’s decentralized nature, audibility is a crucial feature to allow every peer-to-peer node to validate the authenticity of every transaction. Anyone can verify their Bitcoins are legitimate, but it also means that your transactions are available to the world. If you link your address to your identity, it creates invasive personal links to your total wallet balance and transaction history.
Following that logic, the first step towards keeping your identity secure when using Bitcoin would be to avoid linking your identity to one of your bitcoin addresses by not using KYC (know your customer) services such as centralized, regulated exchanges. You can acquire your bitcoin in ways that don’t require identity verification, such as peer-to-peer transactions, mining, or selling products and services for bitcoin. However, it’s not always easy due to location restrictions, low liquidity, and a limited Bitcoin circular economy. Also, when spending bitcoin remotely to receive physical goods, you must provide your physical address, which compromises your identity security.
On top of blockchain privacy, you require network privacy when using Bitcoin as any other Internet service or protocol. When using most light wallets or a Bitcoin node (e.g. Bitcoin Core), your network connection will reveal your IP address unless you configure it with a VPN or the Tor Network. Most wallets don’t keep your IP hidden out of the box and require configuration.
The Privacy Solution for Bitcoin: Wasabi Wallet
The top recommended bitcoin wallet for identity and privacy protection is Wasabi Wallet. First, there are no network configuration requirements when using Wasabi; Tor is prepackaged and activated as soon as you launch the application.
Then, once you deposit some bitcoin to your Wasabi wallet, it can be coinjoined for additional blockchain privacy. This process provides privacy for your bitcoin addresses even though a previous transaction you did has a link to your identity; by participating in a coinjoin, you break that link. The coordinator service run by ZKSnacks, the company behind Wasabi, can’t deanonymize or steal from you.
Wasabi Wallet is available across Desktop platforms, and you can download it here. If you want to learn more about Wasabi, there is publicly available documentation that can answer most of your questions. You can always join community groups (Discord, Telegram) to ask for further help or even get involved in the open-source project yourself if you want to contribute to Bitcoin privacy.
In this article, we enumerated the best technologies you can use to secure your identity online. We recommended a desktop and mobile operating system, networking routing tools such as a VPN or Tor, email address and phone number providers, end-to-end encrypted communication applications, a decentralized social media platform, and privacy-preserving payments through Bitcoin and Wasabi Wallet.
For further privacy tools, you can consult this website which reviews many technologies across the categories listed in this article and many others. Additionally, a password manager is an essential tool to add to your arsenal of identity protection technologies; you can find a list of reviewed ones here.
Stay safe out there and remember to reveal yourself to the world only in ways that make you comfortable; privacy is a human right. If you want to learn more about privacy or help acquaintances in their journey, Wasabi Wallet’s Blog is a perfect resource with many articles on this subject.