Reimagining Identity with Blockchain

Similar to the internet, blockchain technology is sector-agnostic. However, similar to how internet applications differ from government to gaming, blockchain’s innovation principles are expressed differently as well. One of the areas in which blockchain unlocks tremendous potential is identity . Identity is a fundamental asset of interaction Log in with Facebook. Don’t forget your passport. Obtain a proof of address. Face-ID. Want to listen to Spotify? Want to travel abroad? Want to rent a new home? Want to read a text? In our data-driven society, we use identification in countless of different ways. Frankly, identity has become a bit of a mess. At we’ve defined three identity interfaces within today’s society. MintBit The Identity Interface Credit: MintBit On a daily basis, our interaction interface is split between institutions, infrastructure and corporations. Every permission linked to a service or product is contingent on the provision and acceptance of certain information. Sometimes a human completes the verification process, sometimes a machine. Completing your taxes online, in your own time. Replacing a visit to the embassy with an online visa application. An Uber driver that knows where you live at 2am if you’ve temporarily forgotten. These new forms of interactions can be convenient and welcome. To many companies, data is the gift that keeps giving. More data; better models. In essence, your behaviour is abstracted to a collection of data points. Yuval Noah Harari famously said: “The digital revolution threatens to de-individuate us all.” Forgetting your government log-in details, resulting in a fine for late tax submissions. Google’s autocorrect enthusiastically pre-filling details for flights, resulting in additional charges at the airport to correct your name. Bank cards that stop working abroad because they didn’t realise your free spirited cousin likes to move around. It can also be annoying. Identity theft could result in never qualifying for a credit card again. Never being able to buy a home. And much worse. However, identity mishaps can also be down-right dangerous. Do you know who knows who you are? Do you know how many algorithms make decisions daily based on your past behaviour? Do you even know who has access to your passport data right now? Now consider this. Who provides your passport in the first place? Governments. A stable government is not a given. Governments can corrupt. Governments can go rogue. Governments can even collapse. What happens to you if you lose your identity? For many Syrian refugees, this is not a hypothetical question. Refugees have no way of proving their identity. Actually, over 2 billion people have no documents, leaving them financially and physically at risk. Without a formal identity, you don’t count. You’re no-one. These people, with hopes and dreams, are reduced to numbers. No papers, no prospects. Even basic human rights, such as claiming aid for food and shelter, become difficult. Thankfully, technologists such as Jimmy Snoek, co-founder of , don’t sit idle in face of such injustice. Tykn Solving this problem is our lifeblood. My co-founder, Tey, was made a refugee in the Netherlands on the account of his birth certificate having been destroyed during the Gulf war; he’s invisible. At the same time, we realised that we can’t just go to the coal face and start handing out identities. This is why we work together with NGOs and governments. We want them to be able to help people better. Let’s untangle this mess we have made. Levels of Identification Credit: MintBit The levels of authentication are an internal tool we’ve developed to analyse what identification components of individuals in data-driven societies look like, ranked by level of disaster if it would fall in the wrong hands. A closer look at the digital ecosystem today unveils all kinds of odd situations. (OAuth2 for the initiated), does proof personhood. It anchors your respective account as a reference point — a proxy if you will — to attach a profile to. It cannot unequivocally determine that you are you if you’ve for example provided a fake name, picture, or nationality. ‘Login with Facebook/Twitter/Email’ not We’ve all seen the consequences of this fault in reasoning. Fake news. Fake followers. Online scams. Marketing to people who don’t exist. Or the alternative: marketing to people who do exist, but who are not aware their identity is stolen. In 2017, in the U.S. were victims of identity fraud. In that same year, Equifax was hacked. Over 140 million US residents were at risk with their personal information exposed to the hackers. That is over half the country. 16 million people DNA tests are all the rage right now. Let’s be clear here. Companies such as 23andMe definitely selling your data to third party companies, research institutions and nonprofits. Probably your genetic data, but de-identified, aggregate data for research, if you give them consent. It is part of their business model. are not It’s clear that today’s situation is already not ideal. Even less so when the identity interaction interface becomes more prominent. person:infrastructure Machines deal in absolutes. If the algorithmic input is incorrect, the results could be disastrous. But we might be going about this all wrong — a sentiment underlined by Vinny Lingham, CEO and Co-Founder. Civic Right now, we’re living in an era when people have lost control over their personal information — hacks, identity theft, impersonation are all too common. But imagine a secure, trusted digital identity, that you can access from your mobile device, protected with biometrics, and is accepted anywhere you go, from going through airport security to opening a bank account. Blockchain technology opens up these opportunities to transform the way we think about sharing information, in particular sharing, and protecting our personal information. That’s why Civic is leading the development of Identity.com, a decentralised ecosystem that will make secure, trusted identity verification more accessible to people around the world. Today, when you fill in a form, questions expect absolute information. How old are you? How much do you earn? What is your reputation score within this system? Where do you live? Interestingly, what the inquirer really needed to know was: Is this a person above the age of 18 able to afford the vehicle they expressed interested in. There is a different model of identity we need to consider. Enter blockchain. Blockchain-Based Satellite Identity Credit: KLM We propose a user-centric self-sovereign identity application for the next generation of the internet: Web 3.0. Blockchain Brings Many Benefits to Identity Identities are historically quantified. Now it is augmenting virtual identities with social capital. easy to add a qualitative layer, On-demand identity validation. Bringing the who may have previously been deprived of access. opportunity of financial and commercial services to millions Individual data privacy. , dramatically impacting smart city solutions. Improving person:interface communication Your identity cannot be taken away from you. You are not at the mercy of just one identity authority. Virtual identities allows us to combine data points in entirely unique information; resulting in new business models. Passionate teams are working hard on making this vision a reality, such as Ashish Gadnis, Founder/CEO at . BanQu “Identity on blockchain is old news. The real value of blockchain is its unmatched ability to create and secure an Economic Identity for the world’s billions living in extreme poverty today. The fully traceable, transparent transactions [on the blockchain] empower the unbanked to formally participate in the global economy while owning and monetising their own information. This is truly a revolutionary opportunity. BanQu delivers Dignity Through Identity.” How Does Blockchain Satellite Identity Work? There are four layers: Documents you use today to identify yourself, such as your passport or drivers licence. Physical Documents: A collection of claims about your identity, for example stating that you are older than 18 and in possession of a valid driver licence. Identity Hub: Verified identities by third parties. Imagine the Road Transportation Authority verifying that you have indeed obtain a driver licence, and that the document is still valid. Satellite Identities: A rental company in California could query the satellite identity verified by the Road Transportation Authority with a binary question: Is this person at this moment in time in the possession of a driving licence, valid in the USA? This question is phrased in a smart contract (more on the blockchain tool box ). In response the Road Transportation Authority confirms or rejects the query. Third Parties: here Put virtual identities on the blockchain. Access them through smart contracts. TLDR: In the satellite identities allow to do stuff. What can you do rather than who are you. You don’t want to use your identity in transactions wherever possible. In the trusted parties vouch for your identity. Your personal is protected with a private key, binding your identity claims to your proofs of those claims. The is the physical manifestation of those claims. Authorisation Domain Authentication Domain Identity Hub Identification Domain For example, your ‘health care Class A satellite identity’ is signed by 1) your own public key and 2) signed by the NHS (public healthcare in the UK) private key. When your insurance queries this particular satellite identity, NHS checks a) if the insurer is privy to the information requested and if so, b) responds in line with the verified or rejected identity claim. This is a relatively inexpensive cryptographic operation. Satellite identities can have many expressions. , e.g. are you over 18. , e.g. what is your religion? Certain questions the smart contract will accept Certain question it will reject Imagine the US Postal Service deploys their own claim issuer contract, offering verifiable claims about an identity’s postal address. Any contract requiring a verified address can simply look for a claim issued by the US Postal Service contract before allowing interaction. We would be better off and the identity provider could still earn with this model. The ledger would hold the transaction history, so we would finally be in control of who knows what about us, and who asked what and when. James Monaghan, VP Product at , puts it differently: Evernym “In a multi-source self-sovereign identity model, the individual and the institution are on a much more equal footing than in conventional identity systems. The individual still relies on credentials issued by trustworthy institutions to prove things about herself, but she is in control of how much she shares and from which of her relationships, which is a significant step forward in terms of privacy. Similarly, institutions consuming proofs of identity can verify their source and integrity without needing to contact the issuer, which opens up a whole universe of new use cases.” The Winners: Banks Manage a private key is a lot of responsibility. Ideally the private key is managed by a regulated institutions that you have legal recourse against if something goes wrong. This is a massive opportunity for trusted custodians. A bank will be a place where you store your identity, not your money. You can store money anywhere, but identity is important. They could earn revenue providing personal data-as-a-service to partners. When a user opens an account with a bank or a telco, a identity hub would be created. Its private key could be safely stored with the user, inside their phone, credit card, or other device. The provider then creates a satellite identity, using a public key from the identity hub. The Benefactors Credit: PixaSquare Digital identities for property buyers can be augmented with a personal credit score. This would include elements such as income, personal loan repayment history, social media profile and more. A smart contract containing the full details of the property, together with the buyer’s satellite identity, can be put up for auction on blockchain for potential financiers. The buyer chooses the best offer and the financier gets a reward for taking the risk. Only those elements necessary to judge the creditworthiness will be disclosed before the offer is accepted. Real Estate: Doing most of our shopping online, we may demonstrate our trustfulness by enriching classical identification data by much more qualitative and quantitative information (client endorsements, transaction history etc.). Retail: Credit: Monika Grabkowska Digital identity in the food chain, where the origins and safety no longer get verified by an official middleman but by participants in the chain. A simple barcode, and blockchain information linked to it, will disclose the complete and verified trajectory of the product. Food Supply Chain: Patient consent is one of the fundamental tenets of healthcare. Patients have the right to determine their care and treatment, and have a right to privacy. But consent and privacy are not optimised in today’s web architectures. Healthcare: Members of Congress listen more closely when they know they’re hearing from true constituents. How would they know if a slew of angry tweets really comes from voters in their district? Politics: Adoption Challenges A trusted entity will need to establish some legal and enforceable rules and policies for how it all works. They’ll need to make it easy for the average person to use securely, and they’ll need to convince a critical mass of people and service providers to adopt and trust the ID — all while finding an economically viable business model. and bring this big idea to life — first among them are our citizen-facing government agencies. Some institutions are uniquely positioned to solve all of these chicken-and-egg issues at once Identity Is Your Most Valuable Possession As the world becomes further interconnected and digitalised, the boundaries between what we consider our ‘real’ and ‘virtual’ identity begin to fade, with physical boundaries dissolving. Our decentralised, ad hoc nature of identity in the physical world is obvious. Credit: Oliver Sjöström It is odd that you use the same information to cross a border as to prove you are old enough to drink in the bar. The current over-collecting is because of lack of a better system. In the physical world, people collect and manage identity credentials from various sources including governments, financial institutions, schools, businesses, family, colleagues, and friends. They also assert information themselves. These various credentials serve different purposes. People collect them and present them in various contexts. When presented, the credential verifier is free to determine whether to trust the credential or not. Online, identity doesn’t work that way. Online identity has traditionally been single-source and built for specific purposes. Online, various, so-called ‘identity providers’ authenticate people using usernames and passwords and provide a fixed, usually limited set of attributes about the subject of the identity transaction. The identity information from these systems is usually used within a specific, limited context. Social login allows it to be used across contexts but the kind of information shared is limited and its provenance is often difficult to determine. These identity systems are not interoperable, making it hard to combine attributes from one with those of another. Consequently, online identity is one-dimensional and has limited value. Blockchain-Based Identity Unlocks Decentralisation Without reimagining identity, decentralised applications will never reach scale, because their is no model to interact with them. Digital identities allow for the storage of a lot of personal information, but also provide a vital link for transfers of assets, whether they are human, animal, tangible or non-tangible etc. In other words, digital identity is the gateway to a functioning decentralised system, and navigating the data society as a whole. Arguably, decentralised identity could even unlock the universal basic income. But that’s a story for another time. Blockchain doesn’t make Identity easy. It makes it possible. Any information missing that should be there? Tell us in the comments! Many thanks to all who contributed. In particular Dave Birch , who continues to be trail-blazer in this space. Arwen Smit ( @arwensmit ) is CEO at MintBit ( www.mintbit.io ). Want more insights? Subscribe to the monthly Blockchain Byte newsletter here or follow us on Twitter at @mintbit_ .