« Internet Identity is a gateway to applications on the Internet Computer. When you use Internet Identity, websites cannot collect and share information about your online activity. This is because Internet Identity helps you create and manage anonymous, independent accounts for every website so that you get the privacy of having many different accounts without the burden of managing them. »
« Internet Identity uses a different principal (a “pseudonym”) for each dapp that you authenticate to using Internet Identity. Since the pseudonyms Internet Identity generates for you are different for each dapp, dapps cannot use them to track you outside of their realm »
« Internet Identity will give the user a different identity for every canister front end that they log into, which is great for security and privacy. If it were not so, Internet Identity would allow every front end to log in under the user’s single principal. If that user interacts with unrelated services — for example, a message board and a shopping site — these could behind the back correlate the user’s behavior on these sites. And even worse, the front end of the message board could maliciously call the canisters of the shopping site and make orders in the user’s name. Therefore, the Internet Identity service generates a different identity for every front end that the user logs into, with the front ends differentiated by their hostname. This way, a user’s actions on different services are not so easily tracked. While the front end is still able to call any canister on the Internet Computer using the user’s identity, it is only ever the identity that is associated with the front end performing the calls ».
« Dapps that integrate with Internet Identity prompt the user to authenticate using an identity anchor. If the user doesn’t have an identity anchor yet, it is easy to create one and add authentication methods to it. For more details, see How to use Internet Identity. For each device added, a pair of cryptographic keys (private and public key) is generated. The public key is stored on the Internet Computer blockchain, while the private key remains locked inside the authentication device together with any biometric data that governs access to it. Adding multiple authentication devices to an identity anchor allows the user to access dapps across all of their devices.
When a user accesses a dapp that uses Internet Identity for authentication, they first specify the identity anchor they want to use. After authenticating using an identity anchor using an assigned device, their browser connects to Internet Identity and generates a session key for use with that dapp. Finally, the user is asked to authorize access to the dapp.
The user’s browser downloads the authorization and then redirects the user to the dapp. The dapp verifies the authorization from Internet Identity and grants the user access as an application-specific anonymous identity called a pseudonym. Internally, users have a different pseudonym for each dapp, but a pseudonym for any single dapp is the same across all of the user’s devices. All devices of a particular user simple represent different methods they can use to authenticate their Internet Identity anchor. »
I give you some links to read more about this marvel, but as you can see it is mainly for your privacy :