FAB Use Cases: Identity Management

In this series, we tackle different potential use cases of Fast Access Blockchain and how we can build a better world through our solutions.

  • Involve multiple organizations
  • Where trust is key, or trust is presently severely eroded
  • Proof is key
  • Involve exchange/transfer of assets or value
  • Involve data sharing or presently suffers from silo’d data
  • Benefit from micro transactions/streaming
  • Have opportunities for new business models, products or services

Join our Telegram for further discussion:

Identity Management is important for consumers in the Information Age.

For most of us, our identity today is managed through a combination of physical IDs (eg. birth certificate, passport, driver’s licence), and login IDs with passwords. There is no singular unified way in which we communicate who we are to another person or organization, and no unified way in which that organization can verify that we are who we say we are. Confirmation is done through a cross-referencing of these IDs, credit checks and background checks.

In order to set up an account or profile at any organization that we deal with, we provide our sensitive personal information. As we know, time and again such organizations that we supposedly trust are hacked and the personal information of millions of people are stolen. According to Javelin Strategy 15.4 million people in the US were victims of identity fraud in 2016 (a 17.5% increase from 2015), costing $16 billion in losses. Furthermore, the World Bank estimates that 1.1 billion people in the world have no official ID, and no way to get one.

A recent example of the damage that hacks can reek was the Equifax scandal in 2017. Social Security numbers, addresses, driver’s license numbers and birthdays were stolen from 145 million Americans and over 19000 Canadians who are now exposed to various types of fraud including false tax returns issued with their SIN or lines of credit opened in their names.

Another example is the recent scandals surrounding social media websites such as Twitter and Facebook. Many users on Twitter have found that their profiles and identifying information have been spoofed into fake bot accounts on Twitter. Facebook sold data of their customers to different marketers without proper safety measures in place, allowing companies like Cambridge Analytica to access millions of customers integral information that they use to influence political movements in different countries.

The protection of consumers and our information is of the utmost importance, and a major area for blockchain technology.

A good starting place is customer- controlled applications for identity. With blockchain technology, your personal information can be stored using an identity app on your smartphone or other digital device, encrypted, requiring multi-factor authentication (e.g. passcode + fingerprint, facial recognition etc.) to access. Signature hashes of each piece of verified personal identity information (name, address, phone number, DOB, driver’s license number etc.) are stored on the blockchain.

Even if a hacker was able to obtain all of this data off a blockchain server, it would be impossible to determine the original personal data. They would have to somehow get a hold of your private key and the encrypted data. Stealing your smartphone would not be sufficient, as it requires your passcode + fingerprint or other biometric means to unlock the identity app. The identity app would allow you to prove who you say you are, and provide only the necessary pieces of personal identity information required by the organization you are dealing with, and no more. The requesting organization can access the public blockchain to verify your identity.

This has an extremely wide range of applications. Traveller identity is being explored through the “Known Traveller Program” a pilot project by the Canadian government in partnership with the World Economic Forum. Other applications include banking & financial services, online purchasing, voting, access to government services, access to healthcare services, taxation, enterprise login, law enforcement, as well as electronic signing of documents.

Use of such a system would reduce friction in all of these activities with the convenience similar to tap to pay credit or debit cards, but with infinitely superior security. For the organizations this not only saves time, but is also more secure than the present method of checking physical IDs or asking security questions over the phone. The benefits of avoiding litigation and regulation compliance issues are extremely high both monetarily and for PR.

Through this system, individuals should only need to go through a KYC process with one organization, such as their bank. Once their identity has been verified and put on the blockchain, any subsequent organization requiring a KYC process can use the trusted data on the blockchain.

Note that the foregoing description is somewhat generic with some details omitted, and other implementations are possible.

Written By: Eugene Cofie

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store