Professor Michael Mainelli of Z/Yen in Conversation with Mattereum CEO Vinay Gupta
Full video and transcript below.
On April 10th, Mattereum hosted the third Internet of Agreements® (IoA) conference at the Google Campus in London. IoA® is a vision for global supply chains and logistics, integrating national laws and regulation with international commerce through the application of technology such as blockchains and smart contracts.
Prof. Mainelli began with a brief introduction to modern notions of identity, starting with the pre-First World War passport issued personally by the British Foreign Secretary and moving on to the Nansen passport, an identity document issued to refugees as part of a private venture, which continued to be used into the early 1980s.
Mainelli then explained his enthusiasm for identity systems by referencing Peruvian economist Hernando de Soto’s thesis that granting the poor secure property rights could unlock tremendous value in the economy. Mainelli said that proof of identity is a prerequisite for claiming property rights, and estimated that 2.4 billion people lack proof of identity.
After a brief comparison of the US, EU, and Indian/Chinese approaches to identity, Mainelli concluded his talk by emphasizing the distinction between probabilistic and deterministic identity.
With Gupta, Mainelli explored Z/Yen’s distributed ledger-based identity management solution, IDChainZ, its subject-centric approach to handling personal transferable credentials and documents, and the underlying smart ledger infrastructure, ChainZy. Gupta observed that there is an incredible amount of stranded capital in the cryptocurrency space due to the lack of KYC/AML practices and the current regulatory uncertainty. Mainelli then explained the distinction between insurance and indemnity, which are often conflated. Mainelli concluded the discussion by presenting two possible approaches to developing identity solutions: a top-down, centralized, surveillance-based approach and a probabilistic approach that deals with the risk of misidentification by insurance or indemnity.
Michael: Rob, that was a great exposition of a lot of the issues. Vinay and I are going to come up and have a bit of a chat really broadly about three areas, but I might touch on them briefly just so Vinay can kind of riff off them.
The first is identity. Have any of you really got a clue about what identity was like before World War One? Hands up, how many people think that there were more than say 50,000 passports in circulation pre-1916 in the United Kingdom? Nobody believes that? Good, thank you Chuan, that was kind of you. [laughter] Alright, 10,000, 10,000 passports in circulation? There we go — you’re onto me! It was about three, by the way, 3,000 passports. Why was that? Well, a friend of mine Martin Lloyd wrote a book called The Passport: The History of Man’s Most Travelled Document, I really recommend it, it’s a slim volume, he is actually a former official for immigration and he really knows his stuff. The point was actually a passport was frighteningly dangerous. Why did you need one? Why were you coming to France and entering France with a British passport, blue or otherwise? This was kind of a scary thing. In fact, the Foreign Secretary had to know you personally, he’d sign off your two daughters or your sons and a few other things, that’s how you get to 3,000, but he actually had to know you personally. So these were very dangerous items to have, at least at a national level, and people were running through all sorts of different identity schemes in many, many different ways.
Anybody here familiar with Nansen passports? World War One ends, we’ve got about six million displaced people. How are we going to deal with it? A Norwegian explorer by the name of Nansen comes up with the idea of a private passport. He does have some support from the League of Nations, it’s not wholly private, but for those of you who think this is just some sort of silly document, it was also a Ponzi scheme, Ponzi in the sense that he was actually using stamps. The idea was that you would go and get a Nansen passport as a displaced worker, and they would really grill you, you’re talking about all the people in Central Europe. Vinay, you claim you’re from this village in Bulgaria. What’s the church? And I don’t know that bit of Bulgaria, but Joe over there, you’re Bulgarian: you go and talk to him, make sure he knows it. Do you know Santamaria? Who was your gym teacher? It was that kind of real grilling, and then they would give Vinay this little yellow document, and the yellow document had a stamp in it which was good for a year, and Vinay had to get it renewed the next year. And the stamp that he paid for wasn’t because Nansen was trying to make a profit, it was so Nansen could run and expand this scheme, and several million Nansen passports were actually issued.
I came across them purely accidentally in the 80s, standing in the immigration line at Heathrow, in the days when you couldn’t get out of the right line. If I can be a little bit honest, I saw a chap with very long locks and a long black coat, and I thought, “This is not going to go well. I’d really like to be in another line,” and he walks up, and sure enough — oh blast, this is just the worst thing that could ever happen — the immigration official starts giving him a bit of hassle, this old grandfather. Suddenly, from by the silver mirror, a guy gets out, cap under his arm, “Excuse me,” turns to his young colleague and pushes him to one side, says to the gentleman, “Terribly sorry, sir. My colleague isn’t familiar with your situation. Welcome to the UK,” and waves him through. And as I came up, I thought, “Well, that was unusual,” so I said to the guy just as he’s turning to go back behind the mirror, “Excuse me, but what was that?” and he said, “That was a Nansen passport,” and he explained it to me. So these things were still in operation certainly up until the early 80s, but they were a private passport system.
So, I think as we’re looking at this area of identity, it’s very important to remember that it sounds like we’re talking about radical, new and wonderful things, and in some ways many of them are, but don’t forget that the current situation is relatively recent. This notion today that we have of where your mother broke her waters suddenly determines everything about the rest of your life — your rights, your privileges, your ability to move into any country or nation or work there or visit it — is actually a bit peculiar. Now, the opposite of that isn’t about rights; it’s about power structures, and a lot of the identity stuff that we’re going to talk about today is about power structures as well. If you look in the United Kingdom, we’re a particularly poor place to look at areas like identity. I think many of you would agree with me that you associate identity with the anti-money laundering and know your customer processes you face every time you go to your local bank or try and take out a financial product, that’s probably most of the time that you hit identity issues as a normal, typical consumer. But the problem here is you’re in a country with a cartel, where five banks control 85% of the industry.
What does that mean? Well, since about 2000, the Cruickshank report in this country, these banks have got a very deliberate strategy… They’ve admitted it, I was on stage with Antony Jenkins last month in Mansion House, in front of 300 people, he’s the former CEO of Barclays, and he admitted it, now that he’s running a challenger bank, that his strategy was to prevent account transfer. That makes a lot of sense: if you’ve got a 20% market share, there’s no way that you’re going to build a better business and attract more customers without winding up with a monopolies investigation, so really your objective has to be to prevent account transfer, that’s the cheaper way to do it, and it’s quite easy as a cartel of five to do that. So we have these horrific, onerous, idiotic processes which are designed to keep us from moving. Again, that’s not a particularly good thing to learn from, and it’s also I think rather recent. I thought those might be some things to open up with.
Why am I excited about identity? Well, I don’t want to sound like an evangelist, but what does excite me is, frankly, Hernando de Soto. Those of you who have read Hernando de Soto, he points out many years ago, famous Peruvian economist, that the biggest thing to get in the world is if you can get people involved in property rights, then everything else moves from there: development occurs, favelas fall down, the whole world is a better place. It sounds good, but I’ve noticed time and time again that the real problem is getting people not to have property rights; it’s to get them the identity rights that allow them to get to the property rights in the first place. Many of you will have seen a number that’s been touted, Sustainable Development Goal 16 from the UN, which says that there’s 2.4 billion people who are unable to have a legally useable identity. This is — personally, in my opinion — a bit high, but you can begin to see where things are moving.
I think we’ve got three interesting blocks here, as we look at the future that Rob was outlining: one is kind of the US view, which is, strangely, a bit more Wild West than you would think in some ways, and I guess, given that the Westerns that I’ve seen, it’s a pretty good location, but it’s always had a bit of a free for all. You can look at the EU, where the nation states largely believe that they can, in some top-down way, actually understand the whole population, but they’re actually breaking and moving in areas like GDPR to somewhat a different structure and a negotiated use of identity systems. If you look of course at China and India, we’ve seen probably some of the greatest implementations of national ID systems in both countries over the last 10 years. So we’ve got three very distinct blocks, with China and India taking the top-down approach, the EU moving towards what would have been traditionally more of a common law approach, and the US sort of leaving things alone.
I saw this most interesting as a psychology study almost when I brought Equifax to this country in the late 1980s. Equifax comes over to the UK, I’m quite interested in it, and they hit a country where it’s believed that you can find everything out about somebody to rent them for example a television, which was what was going on at that time. So Equifax comes over, and Equifax is telling UK retailers, “You’ve got a probability that this is the right person,” and that of course is coming out of the US culture, where they’ve never had any of the ability to guarantee that they had the person with this driver’s license wasn’t the same person as somebody with the same name in a different state, and so on and so on and so on, so you’ve got a probabilistic system meeting a deterministic system. We could go on about the 2006 national ID debacle in this country, but we won’t.
So, I think what I’d like to talk about with Vinay, with that background, is very much the idea that what’s going on in this identity space, and I’d also like to I think touch on — Vinay, if you don’t mind — your ideas on indemnification for it — thank you! [applause]
Vinay: Michael, that was a wonderful introduction!
Michael: Rob took it all.
Vinay: I guess we should start be talking about the identity work that you’re doing right now with ID chains. Would you like to tell us a little bit about what ID chains is and who’s using it?
Michael: Our firm has been working in the distributed ledger space arguably since the mid-90s. About five years ago we became convinced that the field consisted largely, if you left the payments area and the crypto to one side, it was very much identity, documentation and agreement exchange, this to us was the big area. I’m not here to play crypto games or anything like it; it’s just where we decided the efforts would be made. We’ve worked very hard on developing, over 20 years, very, very, very high-speed, extremely low-cost distributed ledger systems, with sprites as we called them, before smart contracts became kind of the trendy phrase.
Last year the National Physical Laboratory tested one of our systems at 25 billion transactions a day, and agreed that the rig could hit a trillion if we felt like it. Why do we want this? It’s not about speed, because we’re not trying to charge a lot; it’s actually about speed, in the sense of being able to handle large volumes of things in this space.
Vinay: So in terms of low latency, or in terms of large throughput?
Michael: Both. Low latency in a sense, roughly, throughput on any particular node, about anywhere from 2,000–10,000 transactions a second, but of course it’s really that huge, large volume thing that you’re after.
Vinay: So what you have is an architecture that has essentially permissioned ledger style performance but parallelism across the ledgers.
Vinay: So it’s kind of a like a sharded permissioned ledger.
Michael: Yeah, there are definitely analogies there, and I know that the terminology is evolving too so I’ll leave it be, but that’s it.
The second thing was we were looking at our thoughts on the evolution of identity, wanted to see if this could do it. So we teamed up with Suncorp in Australia and also with PwC in Europe, and we built something called ID chains, and ID chains was the ability to swap identity documentation. So it’s not about being an identity system; it’s saying that if you’re an individual and you’ve got your own identity documentation, can you swap it with somebody or not. That system was built certainly three years ago, maybe four, and we were doing that just as a proof of concept. We thought it was quite interesting that GDPR allowed you to come into me as PwC for example, I’d be a certifier, I would say your passport is absolutely fine, I would digitally sign it, and I would then give you that data back for you to use your own data with my signature.
Vinay: So I have a set of certified claims. You have essentially notaries, they’re basically acting as notaries: an age claim, a passport claim, a birth certificate claim, documents with signatures. Kind of like a secure Dropbox but with other people’s statements of fact, not just yours.
Michael: That’s right. In fact, you could take this situation where a government documentation arguably ought to come directly to me. Why is it that I go to a notary? Why can’t I have a digitally-signed copy by the DVLA of my own driver’s license?
Vinay: The reluctance of government agencies to put digital signatures on documents is amazing, it’s just amazing. I mean, it’s the forgery-proof credential that everybody wants. When I talked to Dubai about their blockchain strategy, what I said to them was, “Look, all you really want is government documents hashed on a blockchain, you want the ability to recognise your own documents when they go from department to department, it’s all you really need,” and I thought this is kind of simple enough that it’s almost impossible to screw up, and it’s actually survived pretty much intact. Many other things have been added to it, but that core concept of being able to accept your own documents back again seems to have held together pretty well.
So ID chains has this model where all of these identity documents are in a container, you give the container to somebody when they want to verify your identity, and it basically slashes the paperwork for managing new identity claims in the current formal system. Is that roughly it?
Michael: That’s right. And that leads therefore to noticing that there are three different roles here. There’s the subject, me, who has got all of this documentation; there’s a certifier, the PwCs, the notaries, perhaps a government department, so they’re basically saying, “This is a document I’ve added my digital signature to,” and leaving key management and all that to one side and digital certificates. The third bit of course is the interrogator, the person who is saying it. I think this leads to two interesting issues: the first is this type of approach only works if there’s a market, in that the interrogator is prepared to use somebody else’s certification.
Vinay: Right, you have to be willing to accept a third-party claim.
Michael: Correct, and that therefore requires scale. Like so many things on the Internet, you can see the network effect, if it takes off, is very powerful, but it makes it very difficult to take off.
Vinay: Yes. This is one of the joys of the ICO world, is that there’s the potential of applying enough just cash to things to push them up these hills onto the next plateau. There are a lot of folks in the blockchain space running around on these 100-million-dollar war chests, and the hope is that they have enough money to push things through these phase transitions. Although when you start thinking about the loss rate on that, because probably 90% of those projects will fail to get up those cliffs, you can see why we don’t do things that way already.
The paradigm that we’ve looked at is insuring those attestations, getting people to stand behind them. But if there isn’t a strong competitive demand for the attestations in the first place, it’s then very hard to sell insurance on top of that, because it’s an additional cost and an additional barrier to entry.
What do you think are the obstacles to large-scale adoption of these kind of identity practices?
Michael: I think the network effect is the biggest thing, it’s that whole bit of “Well, I can see this all in principle, but if I go to all of this effort, who is going to use it?” There are a host of other things: is my data really secure? Who’s got access? What’s the recovery rate? Because it’s so secure that if you lose all your keys, you’re back to ground zero and you have to start again. And then we move on to where do I get the actuarial data to handle indemnity?
There are a couple of points I’d make. We’ve been waiting for the cryptocurrency boom to kind of move away. We’re now looking at a traditional IPO of our ChainZ systems, of which ID chains is a major component.
Vinay: An actual IPO?
Michael: An actual, just a straight IPO: normal equity rights, the usual boring thing… We’re not asking for hundreds of millions… It’s all that kind of thing.
Vinay: Tens will do? [laughs]
Michael: And none of you can invest, so don’t worry about it. But no, we’re seriously looking at just a nice, boring, straight thing. But when we’re looking at moving ID chains for… The market that we’ve identified is wealth management internationally, but within a single firm.
Vinay: So this is the ultra-high net worth case, where people try to move from one country to another country and they don’t want to spend six weeks in paperwork hell?
Michael: Correct. Further, they’re actually part of a network. If you take some of the larger wealth management firms, St. James’s or UBS or something like that, these large firms have actually got the problem inside themselves.
Vinay: That’s interesting. Say a little more about that.
Michael: Well, kind of for us it’s “Thank god,” because you can actually go to a large firm like that, and they say, “Our problem is we’ve onboarded a Russian in Hong Kong, they come to Switzerland, they say, ‘Hi, I’m here with the same firm,’ and we say, ‘That’s lovely, but you get to start at ground zero. The data that was acquired in Hong Kong wasn’t acquired for the purposes and all this…’”
Vinay: How we use it, and you wind up…
Michael: But if Hong Kong, on the other hand, has said, “Take this, here it is, it’s yours,” and six months later you come to Switzerland and you say, “Oh, that’s funny. They gave me some weird thing on my phone, which is all these documents. Are they any good to you?” and, funnily enough, the Swiss office can accept the Hong Kong sister’s digital signature.
Vinay: So you have PKI inside of the firm which verifies the signatures.
Michael: That’s right, and then move that up.
Vinay: Right now we’ve got umpteen billion floating around on things like cryptocurrency exchanges, you’ve got a bunch more money sitting inside of ICOs. Most of that money is functionally stranded, because it’s lost the KYC, the AML, and all their necessary identity that would go with it, so you can’t really re-onshore that money. It seems like there’s an opportunity there for somebody to go through and build a properly KYC/AML identity-based blockchain. Do you know anybody that’s working in that direction?
Michael: I know of people who claim that they are, but I haven’t seen the effort I would expect. In fact, in some ways almost every ICO is going through the same AML/KYC, it’s almost ideal for sharing on it. But you’ve got to grab them at that time, they’ve got to see how important it is, quite a few of them have got an attitude thing about US regulation, and so it’s quite difficult.
Vinay: There’s two sides to this, in that we’ve got, firstly, an enormous amount of money that needs things like KYC/AML to be safe to handle legally, but we also have an enormous PKI gap in the blockchain space, in that we’re transferring hundreds of millions of dollars of transactions, billions of dollars of transactions, to keys which are really just identified by somebody pasted to the key in an email, and there’d been some instances of viruses that basically come and attack your cut-and-paste mechanism on your laptop, to replace the key that you pasted with their key. So the predictable madness of running a public key-based identity network that handles real value, but without any public key infrastructure to actually secure the keys, is the current situation of the entire cryptocurrency space — it’s jaw-dropping. If you told us that somebody would try and run an economy that way in the 1990s, when all the people really worried about was PKI, people would have laughed until they fell over. Do you have any thoughts on that?
Michael: What surprises me is how little thought has been given to this, and that’s why I support, as you know, Mattereum and what you’re doing. I think one of the things that does bother me in this space — in fact, I had a discussion with Hugo and Fishal yesterday, we were touching on this — is I think a lot of people talk about insurance when they really mean indemnity, and I draw a distinction.
Vinay: Clarify this. Because this was very useful when you explained it to me a couple of weeks ago.
Michael: Strictly speaking, insurance is something where you have to prove the scale of loss and then you get compensated for that. If I digitally sign somebody identity, I don’t use do care and attention, and it turns out they’re a fraudster of some form.. I loved Rob’s point that we’re all here really to give the 419ers a fair, level playing field, I thought that was really good.
Vinay: Yeah, if you’re unfortunate enough to be a Nigerian prince, have real problems getting things done. If you’re the Prince of the Netherlands, that turns out to be a lot easier to ID. [laughter]
Michael: Anyway, when you’re looking at this, you then lose 50 million. Well, I was just certifying something, and maybe I had momentary lapse of attention or something; that doesn’t seem fair. That leads you up to the next level, which is you say, “Alright, alright. Let’s just have a fixed sum, that’s maybe agreed in advance but still a fixed sum, £10,000 if I get it wrong. And that why I’m charging you, by the way, because I’m going to all this effort to certify these things and you’re using them. If you want an indemnity, have it.” There’s a big difference between the two: one is more like a fixed spent, and the other is genuine insurance.
Now, one of the problems we face in this entire space though is that the regulatory and legislative structure for this is based on single error and you’re guilty, you as a financial institution, and so this is rendering cost-benefit analysis in this space moot. Because I’ve got an infinite potential cost, the regulators basically politically deciding what the fines are going to be.
Vinay: Yeah. This is how we basically frame this, between what we talk about as regulatory risk versus commercial risk, that the regulatory risk’s money is not really enough to compensate for regulatory risk; it only covers commercial risk.
Michael: Right. So it would be really nice if we could have an initiated debate over the next six months or so, where we’re able to get regulators to realise that maybe what they should be doing is turning to the institutions and saying, “We’re going to give you a level at which we will fine you per mistake, so it would be £5,000 per mistake.”
Vinay: And now you have insurable risk attached… Yeah.
Michael: So if I’m running an entity with four million customers, I’ll approach that completely differently than you will with 500. Further, the regulator might be able to give different levels. Even with your 500, you’ve not exactly performed brilliantly, so your level is now £50,000, but mine is still running at a lower level.
Vinay: Yeah. I can imagine a sort of exponentially increasing fine which very rapidly takes out the bad actors.
Michael: Exactly. But this would allow the cost-benefit analysis. At the moment, there’s not a lot of pull from the financial institutions for novel solutions, because the first thing they have to do is look over their shoulder and say, “What does the regulator think?”
Vinay: Yeah, and this means you can’t move any faster than the speed of regulation. This is why I think the cryptocurrency space is such an interesting space to make the move, because the negotiation of regulators is just at the beginning of that process. This has been extremely interesting. Any closing thoughts, Michael? What else should people be thinking about?
Michael: I guess the biggest thing in here is… Maybe if you could just take away that idea of is it about power or is it about probability. If this is all about power, that’s one thing, in which case we’re going to have a top-down structure where we have to know everything, and Rob’s point about a surveillance economy, or surveillance society actually, which is somewhat frightening. Or, do we move to a probabilistic-based one, which is what insurance and indemnity have, basically some type of betting or risk in it. If you do that, then you’re looking at what level of certainty. “I’m 95% certain this is the right sort of person, but it’s only a 50-quid deal, and I’m still insured for £500 if it’s wrong, so that’s well worth doing.” This is going to be I think one of the themes in this space.
Vinay: Certainly on that basis business can be done, and if you can stand an economy up and run an economy on that basis, where basically the computers handle the risks that they handle and insurance handles the rest, that seems like the kind of laminate that’s often successful. A system which is almost perfect, plus something to cover the cases where it fails, that’s a real system, the world actually runs on things like that.
Wonderful — thank you very much! [applause]
All materials from the conference http://internetofagreements.com/identity/
Join the telegram https://t.me/mattereum