paint-brush
Surprisingly true! Online Identity = mC³by@vishal144
511 reads
511 reads

Surprisingly true! Online Identity = mC³

by Vishal GuptaOctober 14th, 2018
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

I=mC³ may sound funny and yet its weird and super true. As you will see that it is the fastest, easiest and the only solution for creating real trust worthy online identity network that works globally.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - Surprisingly true! Online Identity = mC³
Vishal Gupta HackerNoon profile picture

The “Unsolved” problem of Fin-tech finally may have a breakthrough

I=mC³ may sound funny and yet its weird and super true. As you will see that it is the fastest, easiest and the only solution for creating real trust worthy online identity network that works globally.

What is Online Identity?

Any online account that is

  1. Physically bound to a real person,
  2. Legal - having the correct name and date of birth referenced with an institutional and credible database.
  3. Verifiable, audit-able and bankable.
  4. Having actual control and no impersonation.

All existing technology can be easily be beaten by simple Photoshop to create false identities or impersonate someone.

Online Identity or eKYC is just like emperor’s clothes.

Identity is absolutely critical for accountability. Be it financial transactions, news, shared marketplaces or even cyber security. It’s important that the identities remain private but also the identity can be uncovered if things go horribly wrong.

Without true identities it is not possible to catch bad actors or keep children safe on the internet.

To fight financially motivated crime globally

All International laws in banking require all new non-face-to-face customer signups to classify as high risk.

It’s mandatory to conduct customer due diligence and anti-impersonation checks on those customers.

You basically need a valid combination of name, date of birth, and address to check those customers against 600+ criminal databases and PEPs.

The problem is that anyone with a simple Photoshop can bypass these checks online. There is no existing technology that can determine if the identity is fake, stolen or synthetic.

A broad set of limitations are covered here.

“This is the reason why all banks need to do physical KYC. “

The only way to know if the identity is real is by examining the original documents while meeting the person physically.

But still the problem remains huge. In Europe alone there were 40 million passports lost or stolen in a decade. Stealing, using forged documents, data leaks and creating synthetic identities has reached epidemic proportions.

In a controlled test carried out with experienced Australian passport officers. They could not detect more than 14% fraudulent photos.

Inspite of physical checks financial institutions will face over $400bn fines in the current decade.

Why is it so hard to solve?

Coordinating a global identity database is not only challenging politically, financially but also undesirable. Most countries would not agree to have such a centralised database of global citizens due to privacy and potential to be abused. And even if one was able to execute such a massive undertaking, it would have consent

Any online identity system needs to address the following factors

  • Legally valid and bankable
  • Bind with the right person
  • Global available both online & offline
  • Cryptographically provable / verifiable
  • Recoverable & loss proof
  • Fraud resistant
  • Not centralised — controlled by user.

The question remains — how do you limit the identities to valid and real combination of names and date-of-birth. And then how do you ensure that the person represented is actually the same and no one else?

Online Identity

I= mC³

Now, imagine a way to create a cryptographically provable identity that is tied to real institutional databases.

This would involve

  1. Certified data using SSL —to validate the profile information of the identity owner by using data received using a valid SSL/TLS certificate.
  2. Credible websites — Retrieving information stored in a private database of various credible government organisations or private institutional databases using a whitelist and/or other credibility factors such as alexa profile of the website.
  3. Cryptographic hash — Making the information tamper resistant, reliable and verifiable by storing a hash of the provenance and the information on an immutable blockchain / DLT.
  4. Multi-source authentication — Authenticating the user from multiple sources, third parties like government, banks, utility companies or ICAO compliant documents that may require the user to

Login to a website using a password or

Knowledge based authentication (KBA),

Scanning an ICAO based Identity document using NFC and facial authentication

Having users data being verified from multiple sources not only prevents a central hack using a single institution but also acts as a strong anti-impersonation check due to Multi-factor or third party authentication.

A new way to generate Identity credentials from global databases

It’s new kind of attestation technology using SSL capture. It makes the system independent of any institutions and does not need prior agreements or integrations. It has immediate applications with usability accross the globe with a latent and pent up demand online.

What difference does this make?

Internet was created in 1973 and basically it was a permission-less network of devices designed to store and exchange data. However, these devices never had any physical binding with people or their identities on a global basis. Anyone could choose a name and do whatever they wished for without having any accountability or easy traceability.

Blockchains however is a new form of network built on top of the Internet which is again permission-less but with one key difference. It is based on public keys that can hold and store value. It can be said that the non-repudiation based on the asymmetric keys and its decentralized nature makes it a prime candidate for a global Identity network.

However, it lacks a few critical elements like human readability, and credibility like domain names (came after 10 years) and SSL (took two decades) to really make it usable and friendly. Without say SSL internet commerce and banking would not have taken off. Similarly, blockchains lack human readability, and credibility like SSL for them to take off.

Now, the Identity=mC³ leverages the existing SSL/TLS infrastructure of the Internet that is battle tested against hacking and extends it to create a new, reliable and verifiable identity system on top of blockchain.

This is critical to fill the gap of missing identity network that is required to create online accountability. Its required not only for fin-tech and crypto industry but also to solve cyber-security, fake news, cyber-crime etc.

Blockchain can be a magic bullet eliminating financialy motivated crime.

Blockchains give us the ability to track transactions accross borders and accross asset classes. Tracking dirty money or even corruption proceeds becomes far easier once wallets are attached to real identities.

Having a decentralised identity system that can be trusted by everyone including banks opens up a whole new world of possibilities. It certainly solves the eKYC problem for fin-tech’s as a starting point.

Conclusion

Online global identity network that really works has been an evasive dream for decades. Unbelievable but blockchain and mC³ are truly the only practical solution that provide bankable identities online. It’s a technology breakthrough for blockchain self-sovereign identity with real world use cases.

Simply put — if your eKYC is not powered by mC³ (the new state-of-the-art) then you have some “very serious” photoshop holes in it.

On a very serious marketing note

If you are a fintech, blockchain company or even a bank and think your eKYC is good enough. I would say, you should have a hard look again. Because not only it is impossible without this tech but it also poses personal and criminal charges including jail time. Your eKYC needs to be bullet proof. If you still think differently then email me [email protected] and I will let my photoshop team show you how… and the ice cream bet is on!

About Diro Labs — is a company registered in London that is developing a Decentralised Identity & Access Platform with the bullet proof eKYC solution for the Fin-tech industry. It has an off shore R&D out of New Delhi and filed over 15+ patents. Diro won the National Award last year in a country of billion people and worlds leading IT skills. It is advised by some of the world’s leading cryptographers, Identity and AML experts.