Blockchain and Identity Technologies
One of the most interesting use-cases of Blockchain technology is its potential to transform digital identity. In this article, Chain Intelligence writer Cathy Guo teams up with Aiden Slavin, MSc at University of Oxford’s Refugee Studies Centre, to write about the history of identification technology, extension of blockchain-based identifications to refugees, and blockchain projects seeking to establish a digital paradigm for “self-sovereign” identity.
I. Identification Technologies: A Historical Background
Prior to the late 19th century, most states lacked the elaborate bureaucracies necessary to produce identifications on a large scale. Identity was, for the most part, “read” off the body. People have long signified their wealth, tribe, and occupation through physical markings; tattoos and brands represent some of the earliest and most common forms of externally attested identity.
Jeremy Bentham once remarked that “only the extreme state measure of tattooing the population would solve the moral and political question ‘who are you.’” Bentham’s question of identity often stands in for another, namely, ‘how much power do you have’? Indeed, most of the human beings subject to forced identification were (and remain) those at the margins of society — slaves, prostitutes, criminals. Identifications were, essentially, stigmatized warnings.
Throughout the 19th and 20th centuries, this pattern recurs: identity technology is invented, tested, and enforced, at the edges of society before it is applied at its center.
For example, in order to control the movement of “outlaws” (i.e. organized workers) within his empire, Napoleon issued what some believe to be the world’s first national identity card. This practice soon spread to other countries, initially to catalogue minority groups and, gradually, to surveil all individuals within a national border.
Similarly in 1920, confronted by some 800,000 people left stateless by the Russian Civil War, the League of Nations introduced the “Nansen passport.” At the time, the League had only a vague conception of statelessness. Trapped in a nebulous categorization, the stateless suffered from an insecure legal status. The Nansen Passport did not grant citizenship for the stateless; it merely safeguarded stateless peoples against deportation and allowed them to cross certain borders to find work. Many regard the Nansen Passport as a blueprint for the modern international passport. Shortly after the Nansen’s introduction, the League of Nations ratified the modern international passport as universal legal tender.
Alarm over World War I made state surveillance and migration control, based on a universal identification system, politically feasible — not only at the periphery, but at the very center of the nation-state system.
II. Refugees and Blockchain-Enabled Technology
Today’s world bears the highest number of displaced persons since World War II.
Throughout the 20th century, innovations in identification technologies tended to progress from the margins to the center, especially in times of crisis. This apparent phenomenon forces the question: does the extension of blockchain-based identification technologies to refugees signal a new global standard?
In 2015, “decentralized governance” platform Bitnation rolled out the Blockchain Emergency ID. Its first implementation confirmed “proof of existence” via a headshot alongside a screenshot of the latest Bitcoin merkle root (the hash of all hashes of transactions in a given block). This picture and related attestation documents were placed in an Emergency ID template and recorded on Bitnation’s native blockchain. Bitnation then tried to link these IDs to Bitcoin debit cards and issue them to Syrian refugees to little avail — given merchants and camp organizers flat-out refused to accept Bitcoin as payment.
In September 2017, Finnish Immigration Services implemented a similar program and began issuing prepaid Mastercards to refugees, which were linked to a unique digital identity stored on a (supposedly public) blockchain. Unfortunately, we could not find further technical details about this implementation.
The most technically coherent and comprehensive project in blockchain-based identification for refugees is indisputably the United Nations World Food Programme’s Building Blocks project. For decades, the WFP has been responsible for issuing cash entitlements to millions of refugees, who spend their entitlements at participating retail locations with cash, mobile payments or a prepaid debit cards.
The Building Blocks project effectively moved the WFP’s refugee identity and cash entitlement program onto a blockchain backend. The WFP uses a fork of the Ethereum codebase modified by Parity, essentially creating a permissioned version of Ethereum. Only registered U.N. computers can participate in the blockchain’s consensus protocol, and the blockchain’s ledger of identities and transactions are stored exclusively by the U.N., which claims its proprietary access ensures user privacy.
The Building Blocks pilot has created significant cost efficiencies (1.5–3% savings on every transaction due to elimination of banking fees), increased transparency (all transactions are monitored on the blockchain in real time) and new modes of thinking about refugee identification and payment systems. Rather than relying on local banks to manage accounts, reconcile and settle transactions for refugee entitlements, the WFP now directly registers refugees on the blockchain, linking their unique blockchain identity to a biometric iris scan powered by IrisGuard. Virtual wallets are created for each user, which enable refugees to spend virtual assets at participating retail points. The U.N. is able to disburse goods and services to refugees, while maintaining a ledger of all refugee transactions under this program.
The WFP aims to enroll all 500,000 Syrian refugees in Jordan into the Building Blocks program by the end of 2018. The expansion would be one of the largest implementations of a blockchain project to date.
III. Self — Sovereign Identity: Can Digital Identity Begin The Revolution?
While biometric and blockchain-enabled identification systems constitute powerful new methods of aid delivery for refugees, we must remember that the underlying data and technologies created by the WFP and analogous solutions remain centralized and controlled. Refugee identities on such systems cannot be ported beyond the physical bounds of camps or the digital bounds of governmental/institutional surveillance, especially in the case of permissioned blockchains. While these technologies create efficiencies within the closed loop of a refugee camp economy, they provide little means of financial empowerment beyond such boundaries.
The movement and behavior of marginalized populations remain highly controlled. As test subjects for this new technology, refugees’ biometric information and financial transaction histories are essentially recorded by one entity (in the case of permissioned blockchains like WFP), placing outsized, corruptible power in whichever centralized organization maintains the blockchain. Few safeguards exist to stop authoritarian regimes from deploying similar technologies on vulnerable or quarantined segments of their population. One thinks back to Nazi Germany and wonders how such technologies of surveillance enabled by blockchain— capable of monitoring an entire closed economic system in real time — would have played out in a detention camp.
Identity technologies are often generated by the interests of a centralized issuer, like today’s nation-state. Self-sovereign identity, the most utopian of identification technologies, seeks to subvert this paradigm. In the case of self-sovereign identity, identity become portable, persistent, and privately controlled, threatening the privileged status of centralized identification issuers and managers.
Specifically, self-sovereign identity technology seeks to address a few keys vulnerabilities of existing digital identities:
- Fragmentation. Our digital identities are stored in numerous “silos.” As we give pieces of identifying information to countless platforms and services users are forced to remember their access credentials for each, creating redundancies. The persistence of that identifying information relies on the continued existence of a centralized third-party.
- Security. Centralized repositories for data stored by governments or companies are honeypots for hackers. The Equifax breach was a case in point, with 143 million US consumers’ data compromised. Developing economies using digital identities for enormous populations provoke even more concern; India’s Aadhaar system stores 1.19 billion peoples’ worth of biometric and personal data, some of which are currently being sold on Whatsapp for a cheeky $10.
- Privacy. Users are not consumers, but products on many digital platforms. Usage of platforms like Google and Facebook necessarily means your data (including identity information) is sold to third-parties including law enforcement, government agencies, advertising agencies and others.
So far, the history of digital identity has slowly progressed from high fragmentation and low user control to lower fragmentation and increased user control. In the 1990s, Microsoft’s Passport program and Sun Microsystem’s Liberty Alliance experimented with federated identities, a system where users could use the same credentials across platforms within a federation. This decreased fragmentation, but failed to increase user control.
In the 2000s, the idea of “user-centric identities” gained steam, a system wherein individuals could utilize a “persistent” digital identity across platforms without a federation as the custodian. Projects like the Identity Commons and organizations such as the Internet Identity Workshop sought to address both fragmentation and user control. Unfortunately, very few projects were realized, and the few that were tended to be backed by centralized corporations (Facebook Connect as case in point) that, like federated identities, prioritized fixing fragmentation over empowering users.
In recent years, the self-sovereign identity has received attention for its potential to eliminate fragmentation and enhance user control more so than any previous iteration of digital identity architectures. In order to do so, SSIs leverage the following features:
- Portability. Self-sovereign identities are transportable across physical geographies and digital domains.
- Persistence. Self-sovereign identities cannot be “confiscated” by governments or revoked by any centralized entity, physical or digital.
- Private Control. The user controls all claims, proofs and third-party attestations in relation to his/her self-sovereign identity, and can choose which pieces of information to release to specific parties. Identity is not “issued” by any authority, and is not stored by any custodianship system.
Some believe that blockchain technology will enable the creation and adoption of self-sovereign identity technologies. There are already numerous projects in this vein. Prominent ones include Civic, Sovrin, Evernym, and the Consensys-backed uPort.
How does this work? A “blockchain-based self sovereign identity” is essentially an address on a public blockchain that serves as a permanent identifier. The user himself/herself controls the cryptographic private key that functions as the password to the blockchain ID. This blockchain ID (address) is then linked to numerous “attestations,” or third-party identity verifiers including “hard” attestations such as government certificates or “soft” attestations such as peer reviews; such attestations can be stored on the blockchain itself, or on off-chain structures such as encrypted “ID hubs.” Users can then release specific attestations to relevant parties, gaining control over what personal data is shared and how, while managing all pieces of their digital identity with one password (private key).
In this case, entities seeking to verify identities can trust that blockchain IDs and their linked attestations, as part of an extremely difficult-to-alter distributed ledger, have not been edited or censored. This information is not stored in a central repository, but replicated across a distributed network, which increases its resistance to tampering and reinforces its security.
The SSI, in short, enables the highest degree of portability, personal control and security for digital identity.
That being said, we do not share the ecstatic evangelism of blockchain enthusiasts. The technology is still extremely early stage — scalability and privacy of data on public blockchains leave much to be desired and require most identity management to be hosted off-chain. Full implementation of working blockchain-based SSIs could take years, if not decades. Whether or not blockchains are even necessary to their implementation remains to be seen — perhaps some other form of distributed ledger technology would be better suited to host self-sovereign identities.
Perhaps most importantly, the usability and real world impact of SSIs would still require its acceptance by service providers, digital platforms and in the future (inevitably) governments. Given the reversal of power dynamics embedded in the concept of SSI (global portability, self-sovereign user control), we doubt that it will ever be accepted without significant regulation. That, or the significant erosion of the nation-state as a system of governance.
Hindsight often yields foresight; an examination of the 20th century tempers the euphoria associated with new identification technologies. For most of history, identification technologies have evolved as a means of “marking the rightless,” deployed to manufacture exclusionary and exacting borders. By assuming that blockchain identity technology will liberate all we forget the long history of identification technologies — we naturalize their existence, along with the borders they inevitably enforce.
How blockchain-enabled identity is implemented and, crucially, who controls it, will determine whether this new technology is used as a new mode of surveillance and control, or as a paradigm-shifting model of user-controlled, self-sovereign identity.