GoodDollar Identity Pillar: Balancing Identity And Privacy: Face Verification
By Hadar Rottenberg, Tech Lead, Gooddollar
GoodDollar is an economic framework with a cryptocurrency — GoodDollar, or G$ — based on universal basic income (UBI). Crucially, it must enforce a 1 person 1 account policy
This approach goes against the prevailing current attitude of many crypto libertarians who advocate for maximum anonymity as a default. Such a position is a reasonable response to increased fears around corporate data theft and abuse and also regarding government surveillance over their own citizens, as exposed by Edward Snowden in 2013.
The reaction to digitial privacy, while understandable to a degree, could be argued to be going from one extreme to the other. If our privacy is breached then anything that isn’t fully private is to be mistrusted. As a society, many times we act and react moving like a pendulum from one position to the polar opposite, taking the long route to the solution instead of taking the time to seek out the middle ground, which is, in fact, a much shorter route — or the path of least resistance, in the long run.
Communities are based on trust; communities are not anonymous by design. When you join a community you give up some of your privacy and some of your freedom. The members of the community want to know who you are and that you agree to the rules before you are fully accepted as a member, with all the associated benefits. Or better think of it as this: if you go to a house party, you better be ready to introduce yourself and explain to let people you don’t know, how you were invited, and what’s your relationship with the house owner, currently hanging of their mother’s wall art. :)
So while the crypto-libertarian worldview strives for absolute anonymity, the crypto-commons view must have a public identity by default. (For the original article about crypto-libertarians and crypto-commons go here.)
GoodDollar distributes new G$ to all its members on a daily basis. The only requirements to become an approved member is to be a living human being (and probably own a smartphone, or at least have access to the Internet).
Since GoodDollar distributes free G$ we must verify that each person can sign up only once. The simple option is to use government identification, but this is neither very user friendly nor available to many of the “unbanked” — that group of more than one billion people that do not have access to financial systems that we take for granted in first-world countries –and it has many other shortcomings, besides.
While we actively work to explore and develop more decentralised identity solutions such as BrightID and Identity Curation Markets (DAOStack), we chose to start with face verification and liveness testing by using Facetec’s Zoom 3D. We keep an anonymized dataset of the facemaps of all that people that register and for every new registration we try to verify the face submitted does not already exist in the dataset.
You can register to GoodDollar without any face verification test, but once you want to claim (daily UBI) you have to go through such a process. It is worth noting here that obviously biometric information is sensitive. We care a lot about our members’ sensitive information, which is why it is saved anonymously without any link to your GoodDollar profile.
The first test checks if the user’s face matches an existing one in the database. The second test checks if the user passed “liveness” which minimises fraud based on static images, pre-recorded videos or masks. If the user passed both tests than with high probability we can assume that they are both unique and a living human being. Then their facial attributes are added to the database. Any attempt to register again with the same face would fail.
The facial attributes are saved anonymously without any link to the user’s GoodDollar profile, blockchain address nor to their record in our own database that we use to communicate GoodDollar’s updates and news.
The user is the sole owner of their facial record identifier in our database, and once they decide to delete their account they send us the identifier and we delete their record. So any attacker able to grab this database would not be able to link the faces to any privately identifying information — and nor can the GoodDollar own team. It is important to note that the key to biometrics is “liveness”, as long as the verifying party verifies the sample has arrived from a live person getting hold of the sample itself should pose no security risk.
An interesting point raised by Facetec is that even with their world-best 1 in 4.2 million FAR (false acceptance ratio ) which means that 1 in 4.2 million face comparisons will result in a false match between similar faces but belonging to different persons, human faces are just too similar to be uniquely identified by a computer once the dataset grows to hundreds of millions. So once we get to a dataset of 4.2 million people we are going to get 1 false match for every user that tries to register, this is why researching other identity solutions is a long term goal of ours.
GoodDollar: Change Wealth Inequality — For Good
Do you have the skills to help the GoodDollar project? We need builders, scientists and experts in identity, privacy, and financial governance, as well as philanthropists and ambassadors. Contact us athello@gooddollar.org, via our social media channels (Twitter,Telegram, or Facebook), join the OpenUBI movement, or visit ourGitHub page. Our YouTube channel is worth checking out, too.
