home
close
 

Stranger Danger – What’s The Identity Matter?

 

Stranger Danger – What’s The Identity Matter?

Transaction Banking by D Sign

Blog by Professor Michael Mainelli

August 2015

What if … you had a portable, secure, globally available store of personal data in a blockchain?  You could have all of your health records or driving history available instantly to hand on to trusted third parties.  You might hand over your health record to a new doctor or to obtain a life insurance quote, or your driving history at an airport counter for a car rental insurance discount.  Your personal data store might also have your biometric data, thus giving you the ability to prove at any time it is you before someone, and that data contained in the blockchain is yours.

Michael Mainelli and Chiara von Gunten, “Chain Of A Lifetime: How Blockchain Technology Might Transform Personal Insurance“, Long Finance (December 2014), 51 pages.

Identity Matters

Loss of identity is instantly serious.  The BBC’s comedy, “Outnumbered”, has a hilarious scene where the tantrum-throwing middle child shouts “Stranger!” at his father while being reprimanded in a crowded garden store.  His father carries him away asserting he’s the father, “C’mon Ben” he says.  “I’m not called ‘Ben’!” screams the boy to the horror of other people in the shop assuming the child is being abducted. [Series 1, Episode 3 (2007)]  The humour lies in the instant, intense danger from a simple, even jocular, short-term question of parental identity.

Mutual distributed ledgers, aka blockchains, could transform the way people manage identities and personal information.  Individuals could own their data and no longer need to trust third parties to store or manage their information.  Mutual distributed ledger identity schemes could empower people with personal data storage and management, permission frameworks for access by third parties such as banks or insurance companies, and even distributed reputation ratings.  Such applications could reduce identity and fraud, increase confidence in products, and lower rates thus increasing coverage.  The concept of never losing data could materially alter the way society views identity, privacy, and security.

Identity & Money

With the multiplicity of discussions about money, we have seen a plethora of confusion about the meaning of money.  Money is about larger communities trading indebtedness.  I owe you a chicken.  You give my indebtedeness to someone else to repay one of your debts.  He or she claims a chicken from me.  In larger communities this indebtedness can be complex and heterogenous.  We can trade indebtedness of chickens for indebtedness of shoes, help with housebuilding, favours owed, or slights to status.  Money is a technology that communities use to trade debts across space and time.

So what then is currency?  Monetary technology typically uses self-referential token systems.  These tokens of indebtedness are social desires and values frozen at a point in time.  The value of the tokens depends on the future persistence of the community and its values.  Currency is anything that can be used as a token to record and transmit money around the community.  Money is a ledger entry; currencies are physical tokens.  But ledger entries are debts.  Debts are promises to pay.

But by whom?  Identity is fundamental to money.  The entry in any ledger is about people – A owes B.  Thus, tokens of identity are the basis of currency.  Søren Kierkegaard, “doubt everything”, reminds us that without risk there is no faith; there can be no faith without doubt.  There can be no faith in the community without debt, thus credit and a form of doubt about future repayment are intrinsic to monetary systems.

Identity is not just physical, a DNA or retinal match.  Identity is not just about ownership of bank accounts or assets.  Our identities are the ‘chains of our lifetime’, binding us past and future with the now.  For example, your school grades, your driving record, your tax payments, are all part of a chain of behaviour entangled with your particular human body.  Our identities encompass our relationships with other people and institutions.  Our identities vary depending on who is identifying.  The tax office probably has little interest in your driving record, but may care enormously about the days you spent out of the country.

Identity & Mutual Distributed Ledgers

Mutual distributed ledgers allow groups of people to validate, record, and track transactions across a network of decentralised computer systems.  The ledger itself is a distributed data structure held in part or in its entirety by each participating computer system.  The computer systems follow a common protocol to add new transactions.  The protocol is distributed using peer-to-peer application architecture.  The persistence and pervasiveness of distributed ledgers make them ideal for providing a lifetime record.

There is a swarm of trial applications putting assets onto mutual distributed ledgers - land & property, vehicles, ships, satellites, business ownership/incorporation/dissolution records, regulatory records, tax returns, building and other types of permits, court records, government/listed companies/civil society accounts and annual reports, etc.   A swarm of other applications are putting data onto mutual distributed ledgers - contracts, passports and IDs, birth or death certificates, signatures, criminal records, high school/university degrees, professional qualifications, certifications, human resources records, medical records, accounting records, business transaction records, locational data, delivery records, health and safety inspections, genome and DNA, genealogy trees, etc.   

Mutual distributed ledger technology and related applications could transform the way we manage digital identity (ID), personal information and history.  An ID scheme relying on a decentralised mutual distributed ledger combining a public ledger of records with an adequate level of privacy could rival state-backed identity systems.  A number of digital ID schemes are emerging, including OpenID Connect, a protocol combining an identity layer and an authorisation server, which allows clients of all types (e.g. developers) to request and receive information about authenticated session and end-users across websites and apps without having to own or manage password files.  Governments too are trying to set up digital ID systems and authentication processes.  The UK for example unveiled Gov.UK Verify in September 2014, a proposed public services identity assurance programme which might use a network of trusted and vetted third party providers instead of relying on a centralised database.  Estonia has been operating a national digital ID scheme for a decade and is extending application to foreign non-residents, which would in effect separate state-backed ID from location.

Identity ‘Chains’

Creating a trusted and widespread digital ID system is technically straightforward but socially difficult.  Public Key Infrastructure (PKI) and digital certificates were all the rage in the 1990s.  Many issues, not least commercial confusion, impeded public understanding.  While PKI and digitial certificates are functional, widespread use has evaded them, though they have niche applications, often in financial services.  Social media networks are trying to make their accounts a form of ID though these generally fail to meet basic trust requirements as most are issued without verification. 

A mutual distributed ledger identity scheme could take the form of an application hosted using identity validators (i.e. pre-determined experts authenticating documents or information submitted) and identity brokers allowed to cross-reference information securely with other data sources (including governmental ones).  The application could enable additional functions including personal data storage, authorised access frameworks for external providers or even reputation ratings.  Combining authentication and personal data management functionalities with secure mutual distributed ledgers could lead to new frameworks for identity management.  If successful, such identity schemes could remove government monopolies in managing their citizens’ identities and data.

At a time where access and control over one’s own data is becoming increasingly sensitive, empowering individuals to store, update and manage access to their data seems rather appealing.  In identity schemes we are working on, the identity validator is a ‘co-stamper’ of data onto a personal or corporate ‘chain’.  The owner of the chain can include what they like, but if they wish to get other people to accept the data’s validity, it needs co-stamping.  An identity validator might be a government, an accounting firm, a credit referencing agency. 

A simple example might be that your accountancy firm needs to co-stamp the inclusion of your annual report on your corporate identity chain before other parties would normally accept it.  Another example might be that you go to an identity validator to encode your DNA, retinal scan, and photo, thus time-stamping your identity.  Validators have no further access to the data.  However, you can share the key to your identity chain with other people and organizations.  Others will rely upon the fact that the data has been co-stamped by a trusted third party.

Avoiding The Identity Complexity Trainwreck

Two inexorable trends increase the tensions in identity, globalisation and population.  In a globalised world approaching ten billion people, transactional affordability is crucial to success.  Sure, a few high-net-worth individuals may afford a complex and costly identity scheme, but the promoters of those schemes are pushing billions of potential customers to the side. 

The increase in connectivity – seven billion phones for seven billion people, and internet-of-things devices estimated by Cisco to hit fifty billion by 2020 – will increase the number of transactions several-fold.  So too will the identity problem increase several-fold.  Visa and MasterCard already process ten transactions globally per person per annum, and they are just one type of international provider.  If global payments over the decade come to resemble the USA today, with several hundred million online payments per day, we are well onto ‘tera-transaction’ measures in the next decade.

So how can banks plod along with hand-cranked and cranky know-your-customer and anti-money-laundering (KYC/AML) systems?  The Peruvian economist, Hernando de Soto, points to the importance of widespread economic participation for prosperity and stability, and argues that inclusion starts with participation in an information framework that records ownership of property and other economic information.  Once there is strong identity, then there is much stronger lending.  The developing world is already a place to look for identity innovation.  One such example emerges from Unique Identification Authority of India which everyone in the identity world is watching.  Expect numerous creative connections with finance.  Can developed country systems ponderously exclude such large markets simply by having vastly slow and costly systems to exclude future customers? 

We can also see that transactional affordability will drive a ‘many uses’ approach to get the most out of an expensive process.  Both high-new-worth customers and low-net-worth customers expect global identity, whether it’s credit card authorisation, payments, or health records.  Their demands will get stronger as they realise what can be achieved, rather than what has historically been put upon them.  They will exclude service providers with onerous identity rituals such as KYC/AML.  ‘Many uses’ will in turn drive consolidation towards a few, competitive, global systems.

It is probably not too much to assert that establishing an efficient identity system is the core global development challenge.  For the developing world, identity is fundamental to getting onto the ledger in the first place.  For the developed world, efficient identity is fundamental to staying in a growing, globalised game.  An old children’s riddle goes, “If it’s information you seek, come and see me.  If it’s pairs of letters you need, I have consecutively three.  Who am I?”.  Indeed, who?  In the world of mutual distributed ledgers our most important ‘bookkeeper’ may well be our identity bookkeeper.  Who will it be?

 

About the author

Professor Michael Mainelli is Executive Chairman of Z/Yen Group and Principal Advisor to Long Finance.  His latest book, The Price of Fish: A New Approach to Wicked Economics and Better Decisions, written with Ian Harris, won the 2012 Independent Publisher Book Awards Finance, Investment & Economics Gold Prize.

Facebook Twitter Linkedin
Top