Abstract

Africa’s digital transformation has amplified systemic vulnerabilities in personal data governance, particularly due to reliance on centralized identity systems ill-equipped to evolve cyber threats. For instance, the 2016 Cambridge Analytica scandal exposed not only global data misuse but also catalyzed African nations like Nigeria and Kenya to audit their electoral data practices, revealing similar risks. Centralized databases are frequently the backbone of conventional identity management systems, which unfortunately leaves them vulnerable to security violations and unwanted entry resulting in attackers taking advantage of these vulnerabilities and causing security incidents like identity theft or the exposure of confidential information. Self-Sovereign Identity (SSI) empowers individuals to take control of their personal identity and understand how their data is utilized. In this context, blockchain technology plays a pivotal role by supporting decentralized systems for identity management and access control. This literature review explores five key dimensions of blockchain-based identity and access control management which are; security / privacy, scalability, interoperability, regulatory compliance, and user control through a systematic analysis of 62 African case studies and a framework synthesized from that review. The study identifies critical gaps in scalability (40% of studies) and regulatory alignment (50%), offering actionable insights for decentralized identity frameworks in emerging economies. Prior reviews lack Africa-specific insights; this SLR addresses this gap by synthesizing 62 African case studies, offering the first comprehensive analysis of blockchain-based IDMS implementations in the region.