As we shift into a world where cryptocurrencies are expected to play a pivotal role in the global markets, traditional identification methods are now the bottlenecks. Traditional identification has been a tool that allowed citizens to tap into the current economic system and authenticate their contributions back to society. With the rise of the internet, economic and data activity shifted to the online world and into the hands of major platforms. The major oligopolies are now harnessing data and identities to better understand what services humans may or may not want in the future. Can humans trust the oligopolies that the data they are willfully giving is being safeguarded from malicious behavior?
The idea of self-sovereign identity becomes much more of a compelling story. The notion that a person can safeguard their identity and data from others while being able to tap into an economic system. An example of an economic system could be Open Finance. The premise of Open Finance is the idea that any person, from any jurisdiction, could tap into an open network and have the ability to engage. There are millions of people that are waiting on the sidelines looking for an opportunity but cannot participate. Why? Identity has to be solved before millions of people can come in droves and benefit from this open network.
The Cognitive Revolution sparked rationalism while improving human coordination. One of the earliest ways tribes communicated trust was through jewelry and tattoos. As tribes grew so did the ability to trust, enemies had the ability to build jewelry to infiltrate villages. During the Roman Empire, advances in written and record-keeping technologies grew exponentially alongside its economy. They’ve developed and created written filing systems to identify and track home ownership, businesses, or what’s owed. As the economy grew, so did the population and the ability to scale trust. During the late 1800s, governments issued photo identification along with documents that tracked birth, education, ownership or businesses.
In parallel to this identification system, banks and merchants created a manual list of individuals borrowing and lending activities. This list was shared within towns as a way to track what was borrowed. The growing list of people became a forcing function for the establishment of the credit bureaus. This new credit system would track debt, payment history, credit history, and credit use. The combination of photo identity, paper trails, and credit created the modern identity system, which is still in use today. This system helped governments identify their citizens, their contributions and how they assimilated to society. While businesses had the ability to trust and engage in economic activity for the foreseeable future. Finally, it allowed its citizens the ability to partake in economic activity and assimilate into its society. However, with the invention of the internet, the modern identity system has started to reach its breaking point.
Similar to the cognitive revolution, the internet reduced coordination costs and incentivized new user behavior. Instead of depending on archaic systems, people are finding newer and faster ways to conduct business. Whether it is searching for a new home, finding a shared ride, connecting through social network or working remotely. These platforms have reduced coordination costs and built massive network effects. This enabled the larger platforms such as Google, Uber, Facebook or Microsoft to become large data aggregators while learning more about their users.
Humans have become so reliant on these platforms which have given rise to the digital identity. This shift has marked the birth of the heterogeneous identity, which is, an identity that can be fragmented into specific user behavior. I will break down identity into three buckets, traditional identity (government), the web of trust attestation (Google, Facebook) and managed identity solutions (Microsoft, Okta). I will be covering the newer fragments such as web-based attestation and managed identity solutions.
We can group Facebook, Twitter, Google, and Snapchat as prime examples of platforms that exchange services for data. As we use these platforms for free they collect data on our usage, online behavior, and other metadata so they can target relevant ads and services. The platforms have aggregated enough data to be now known as authenticating agents. Authenticating makes it easy for applications to track real users while giving access to data in return. So in this regard identity has not only become a means for authenticating a person but also collecting data about user behavior. This data can be useful in the hands of users but also dangerous in the hands of platforms. As we have seen, our online identities could be used against us by entities such as Cambridge Analytica & Facebook.
Managed Identity Solutions
Enterprises manage identity solutions under a closed IT network infrastructure. Since the launch of Windows NT, administrators can tap into a directory service that can house identities and login information. Behind the directory service is the LDAP protocol which is an open protocol that is used by most directory applications such as Microsoft’s Active Directory. This gives companies of any size the ability to sync user data and applications seamlessly. Cloud-based identities along with a suite of cloud products have made it easier for companies of any scale to deploy remote workers from any part of the world. This has also enabled hackers to deploy complex phishing attacks so they can compromise work credentials. As we have seen with the recent Equifax hacks, valuable information can be hacked which puts people’s lives at jeopardy.
As we have seen, we are now reaching a boiling point with identity in the computing era. We have scaled the internet from 1B users in 2005 to 3.2B in 2019. To show how prodigious this issue is, Shape Security recently published a cybersecurity report that shows that 80% to 90% of the people that log in to a retailer’s website are hackers using stolen data. Trusting large companies with your own data is incredibly dangerous for both the business and users. In parallel, the invention of the Nakamoto consensus algorithm gave rise to crypto-economic growth. This led to a Cambrian explosion of use cases from decentralized finance to identity. As Josh Wolfe would say, “we have to follow the natural order of progression.” If we follow the natural order of progression we would be led to cryptographic-based identity solutions.
You won't beat Facebook by doing 'Facebook, but fixing the bits I don't like'. You beat it by making it irrelevant. PCs made mainframes irrelevant. The web, and then smartphones, made Windows irrelevant. So what makes GAFA irrelevant?
The problem with blockchain-based identification systems today is that they are solving identity from a singular perspective. This may work for a specific use case such as trying to get a beer out of a vending machine. It doesn't solve the ability to tap into an economic system such as open finance or gaming. For example, taking a loan out on Dharma would require a person to collateralize there loan up to 150%. Now imagine if an identity-based solution could track how quickly a person can pay back their loans historically. Now underwriters trust you and could issue loans without putting up collateral. As such, I believe that entrepreneurs shouldn't be solving identity for the world we live in today, but for the world we will be living in. Identity evolves when the economic system evolves, and projects should be focused on future use cases.
Identity for the decentralized future is going to be one of the most important problems to solve and there are hundreds of companies working on it. Whether its Microsoft, IBM, RSA from the enterprise side or Blockstack, Coinbase, Uport from the crypto side. Ultimately, we are going to see several platforms win out as we are going to be living in a much more fragmented world. Where our identities are going to be separated out even further based on our behavior or use case.
So one idea is to combine social networks with trade networks. Another may be to scrap the idea of gaining reputation under a real name and instead build new kinds of networks focused on helping people create value under a pseudonym. Status from real contributions, not trolling.
We need to reimagine identity and not to think of it as a way to identify who we are but to be identified by the contributions we make to protocols or economies. This can encourage good behavior while slashing the ones that are malicious. This could create entire economies of workers that aren't identified but could all be equally contributing to the overall economy. That could be the world we live in but in order for us to get there, we need to understand the types of solutions that are available and quantify the impact.
Decentralized web attestations give users the ability to authenticate other apps or services without requiring to give up personal information. Interestingly, Coinbase recently acquired Distributed Systems which was an identity solution being built for Clear Protocol. The premise of the acquisition was the fact that most identity solutions today are lethargic. Having to download a chrome extension, create a wallet, fund the wallet and sign the transaction is one of the biggest hindrances. Coinbase has grown to over 20 million KYC’d users, it has rich identity data that could be leveraged for new sectors such as decentralized finance. Coinbase is planning to roll out a Facebook-like SDK that would allow other dApps and services to seamlessly integrate. This could reduce friction and allow users to seamlessly move between Dapps and services. From a developer standpoint, it will be easier to acquire and retain users while focusing on growth. This would shift identity from authenticating personal information to authenticating personal information and money. This shift will usher in new apps and services that will create new business models with cryptocurrencies in mind.
Blockstack’s vision is to allow users to authenticate once and never have to authenticate again while browsing the internet. They have four components that enable users to authenticate seamlessly and safeguard there data. The first component is the Stacks Blockchain which provides the global consensus for the network, the stacks token enables users to purchase user names, execute smart contract functions or connect to storage lockers. The second is the Gaia storage system which enables you to store all of your data into encrypted private data storage lockers. These lockers can be hosted on your hard drive or a cloud provider. The third component is the protocol itself which authenticates the identity that the user owns and the location of the Gaia storage. The final component allows developers to easily integrate the Blockstack SDK into its core applications to allow seamless login functionality. The Blockstack team is taking a controlled approach and building the entire stack from the blockchain itself to the end-user experience with identity in mind.
Microsoft is taking an open standard approach by introducing The Identity Overlay Network (ION). ION is an open protocol that is built on top of the Bitcoin blockchain. The ION network is a communication, batching layer that manages and anchors decentralized identifiers (DID). DIDs are immutable documents that are represented in unique IDs that can store personal information of a user. Microsoft chose to build a layer 2 solution so that it can maximize throughput and avoid the consensus algorithm. The result is that it enables developers to build scalable solutions while offering universal deterministic state resolution. Companies such as Cloudflare can run an ION node and anchor data to the Bitcoin blockchain seamlessly and charge a nominal fee to the end user. Microsoft is betting that by building an open standard it could attract a diversified developer base while focusing on interoperability with the traditional web.
Ria Bhutoria with Circle Research — Wrote about Microsoft ION extensively.
Formatic is taking a developer-focused route by offering developer tools to enable dApps to seamlessly onboard users. They do this by allowing users to sign in and use dApps just by using a traditional phone number. This approach reduces friction and onboard users quickly on to dApps. It also allows users to safeguard their personal information while they move between different apps and services. So far they have integrated with OpenSea, Set Protocol, Zerion and others.
Uport also has an interesting solution where they have built on top of the Ethereum protocol. They offer both a self-sovereign wallet and a single sign-on service for dApps. They allow applications from both Web 2.0 and Web 3.0 to integrate seamlessly while offering the ability to issue and reuse credentials. They have an app on both the iOS and Google Play store and can be used with MeleonPort, Gnosis, Status, and others.
Humanity Dao is a decentralized autonomous organization based identity solution. This is the first of a kind identity system that integrates governance and universal basic income into the authentication process. Using an identity system that is regulated by its users could have an interesting value proposition. We are in the early phases of the development of Humanity Dao but I am bullish on the founders that are building this out.
As technology and society progress, so does our ability to identify and authenticate our identities. We are at a point where our data is the most valuable asset we have. We can take control of our data and make informed decisions that can benefit our future. The computing era opened us to an opportunity where apps and services have helped improve society. But it also has left open areas where we can improve on. Blockchain-based identity solutions are necessary as we move from the computing era to the machine intelligence era. I believe that identity-based solutions will become much more granular and focused on economic use cases such as open finance, gaming and or marketplaces.