Three Technologies Democratizing Identity

February 2019
In our blog - What Does Your Identity Mean To You? - we talked a little about a massive issue faced by an entire one-seventh of the world’s population: zero access to identity documents.  As was discussed in that article, more than a billion people worldwide today are unable to reliably verify their identities. As a result, these people find themselves in a difficult situation where they have limited access to healthcare and are financially and politically excluded.

Fortunately, there is some good news. Thanks to rapid-fire technological advancement, a number of major inroads have been made towards bringing real, provable, identity to people  living even in the most hard-to-reach parts of the world. Today, we’ll take a look at some of these technologies.

That fingerprints can be used to reliably identify individuals is not a new idea. Even in 1858 fingerprints were required on contracts in British India and by 1911 prints collected at crime scenes were considered admissible in the US court system. Digital fingerprint scanners have been used for decades in industry and government.

Recently, though, the technology has become standard in consumer electronics, namely mobile phones. As a result, mass-production has led to incredible progress in the reduction of component size and production costs. In fact, a mobile fingerprint scanner, which would have cost $5.50 in 2014, will only cost $2.00 by the end of this year. In 2019 innovation in biometric technology is rapidly making it more and more possible to instantly identify anybody, anywhere on the planet.

This reduced cost is already making the remarkable possible. For example, aid workers have begun implementing the technology in Sub-Saharan Africa to save lives by helping keep track of the vaccination records of children.

In the industrialized world, the most common situation in which people prove their identities is by far when they make payments using a debit or credit card.

While you might think you are making a payment when you insert or touch your card to a point-of-sale terminal, you are actually proving to the payment processor that you are in fact the holder of the account to which the card is assigned. The actual payment itself happens after the fact.

Your card is actually a very advanced pieced of technology. Within the chip that is embedded on your card is stored a cryptographic identifier for your account. In order for the payment processor to accept your payment, the cryptographic identifier needs to be matched with the personal identification number (PIN) code that you enter.

Using the same principle, smart cards can be used as a means of proving people’s identities for many other use cases. They have been used for access into restricted areas in industry and government since the 60 and 70s. In cities all around the world smart cards are issued to commuters who want to access public transportation by just touching their card to a terminal.

Smart card technology has already been fully implemented into the national ID cards of the majority of EU members states. The technology is open source and the hardware itself is low-cost (as low as $2 per card), so it is not surprising that its implementation is rapidly expanding in regions with high rates of unprovable identities.

In the early days of internet commerce there was an issue relating to trust between market participants. In 2009, Satoshi Nakamoto proposed to eliminate the issue of trust through the use of cryptography.

His idea, which is today nearly universally referred to as ‘blockchain’, involved the assignment of cryptographic identifiers to all market participants. Whenever a transaction is carried out using a blockchain, the cryptographic identifiers of each party, as well as the value transacted, is recorded on a permanent, distributed, ledger.

These cryptographic identifiers, as it turned out, serve well as the foundation of accessible digital identities for vulnerable populations. While in industrialized nations, we generally establish digital identities by uploading our government-issued identity documents to applications like Blockpass, people without any such documents can create identities with cryptographic addresses as the basic foundation.

In these situations, there is no ‘centralized’ authority that attests to who the person is. Instead, the user’s interactions build up a kind of reputation-backed identity over time. To illustrate, an individual would be issued a cryptographic identifier as a basic identity, then they could use that ID to access some service, such as to get vaccinated or access financial services. An indication that each of these interactions occurred would be recorded on the blockchain. A larger history could indicate a more reliable identity.

This kind of identity protocol would be most successfully implemented if it were combined with biometrics and smart card technology.

Basically, a smart card could be used to store the user’s cryptographic identifier (their public key) and their encrypted private key. When the user creates their identity, they would be asked to register their fingerprints s on a fingerprint scanner. Once registered, the fingerprints would then act as the decrypting element for the private key.

Whenever the user goes to use a service, they would be asked to touch their card to a smart card terminal, their finger to a fingerprint reader, and to enter in a pin-code. The service provider would then know with near absolute certainty who they are dealing with.

What do you think?
This sort of blockchain-powered, biometric, smart card identity protocol has yet to be tested but it certainly has potential. What do you think the possibilities could be?