PikcioChain Weekly AMA
Original Publishing Date: May 2018
Updated: Aug 2018
In an effort to provide you all as much information as possible, we’ve introduced our weekly #PikcioAMA contest. Every week we choose three of the most pressing questions posted in our Telegram group and we ask our core team members to answer them.
This article actively collects all questions posted by our community and the corresponding answers given by some of our core team members.
The core team members to answer your most pressing questions are PikcioChain founder and CEO Didier Collin de Casaubon, co-founder and head of research Dr. Jorick Lartigau and our lead strategist Gonzague Grandval.
In order to prevent you from scrolling too much, we will keep the most recent questions on top. If you’re excited to watch all weekly Q&A’s, check out our Youtube. After that, make sure you join our community on Telegram. Have fun reading!
Q. With the type of documents for KYC varying from Token Sale to Token Sale (some ask for Country ID; some Passport; some proof of residency), how does Pikciochain intend to collect KYC data that complies with each specific Token Sale Projects needs?
A. Certain Token Sales from specific domains might need some additional information. These are custom fields and every Token Sale is able to require custom fields for you to update your KYC (not from scratch but just adding the missing fields). One thing I really like to mention is that for every new token sale a new selfie will be required. The Selfie will be a way to sign the new participation. It’s also a way for us to comply with the regulatory guidelines.
Q. What are the benefits as well as challenges for PikcioChain collaborating with FinTech companies such as TechCode, Bahrain FinTech Bay and BNP Plug and Play.
A. It’s a good driver to get in touch with big pools of companies and corporations that work in finance. Thanks to these programs we are able to assess many corporations at once. We also have a lot of support, for example from BNP and Bahrain FinTech Bay, and at the end of the day this makes things easier for us to sell the product and service to companies. The challenge on the other hand is, that it’s pretty tough to be part of these kind of programs. We have over time to defend our product, service and vision. This is something that is time consuming and takes a lot of effort but in the end it has always paid out. All these programs are a big opportunity for us and we are going to continue them and broadcast news about it.
Q. In situations where individual data verification failed due to forgery or use of a fake identity, how does PikcioChain handle the issue? Are you obliged by law to report to the authorities?
A. The KYC process is made through the application but there are tiers to it. Every tier, every piece of information that you provide (proof of residency, ID card etc.) we have decision support tools that process from an algorithmic mechanism the piece of information that you provide in order to assist the KYC validation. Everytime you upload an ID card, there will be an ID check that can detect fake or forged ID cards and it will raise a red flag which will be reported directly to the team running the token sale. Then we have a decision process to determine if the uploaded ID card was maliciously forged or it was done just by mistake. Based on the decision we have a walkthrough that can lead potentially to involving the authorities but this will be in extreme cases. Otherwise we are not obliged by the law to do so.
Q. What position does PikcioChain ultimately aim for in the medical field? Is the secured connection and data storage for the telemedicine application the intended use, or does PikcioChain envision to enable a distributed secure data storage system for example for electronic patient files used continuously in hospitals?
A. We are making good progress in the medical field. It’s a tough area to tackle as there is a lot of certification and regulation you have to comply with. At first we are aiming for something very simple which is to secure the application between patients, doctors and hospitals. So basically we built a secure channel for data exchange. We don’t aim to store the data on the PikcioChain, that’s not the intended goal here but we want to move forward step by step in a secure way and the first step is to secure the communication. In Europe, when you want to store health data you have to comply with very severe and strict rules that are useful of course but also expensive to comply with. What we want to do is to enable a direct communication line between patient and doctor so there is no need for certification or storage on our infrastructure. The data is basically stored by the patient himself and the doctor receives in on the other side. This communication layer will enable the tracking and auditing of the data exchange. In the future we’ll look at developing more use cases regarding patient files and medical records, however the communication layer is the main focus for now. This is the first step and we will keep you updated with our progress along the way.
Q. Does Pikcio have any revenue stream at the moment, any paying costumers? If not, when do you estimate that that will happen and when do you turn a profit?
A. As for now we do have customers, especially in the financial field (with two big clients like BNP Paribas) and a regular income stream. We are not profitable yet but we expect to be by the end of the year.
Q. Please describe a project using Pikciochain. Can you give an example of real customer/concrete data and describe the data exchange (request lifetime and path) of this model.
A. One of the projects that we developed for BNP Paribas (big bank in France and Europe) will soon be released for their direct customers. It’s credit subscription. Today when you want to subscribe for credit you have to go fill out a lot of compliance forms regarding your identity (KYC). You have to provide your ID card, salary sheets, utility bill etc. and all this is annoying for the customer. Only 1 out of 10 reach the end of the form. What we aim for is to automate the whole process and make it easier for the customer and easier for BNP to validate that the data is correct. We directly connect the data providers that BNP needs: for a utility bill we directly connect to the energy provider, for salary sheets we directly connect the employer, for taxation bill the french taxation system and so on. We build a very strong KYC profile for the client which is saved on the PikcioChain and therefore the client is able to move from one service to another. For example, as a subscriber for credit who would also like to subscribe to the insurance linked to the credit: basically with one click the PikcioChain will ensure that the KYC from the credit goes to the insurance. Also in development is the ability to port your KYC from BNP to other BNP partners. This will provide the user with a simple method to move his identity from one company to another.
Q. Isn’t having masternodes and PoU competing for different model? A collateral for a masternode encourages locking a certain amount of PKC while PoU encourages spending of PKC. How will you balance between the two?
A. PoU is a good choice for stimulating usage of any kind of users, whether they are corporate or private individuals. A masternode is a totally different thing, it’s the pillar of the system. Every time a transaction or a smart contract will be issued, it will be up to the masternodes to validate and close the block. But at the end of the distribution of the transaction-fees they will get within one block, they will be partly re-distributed among the one that spent PKC during the past block. What I want to say is that it’s really a matter of percentage. Basically masternodes take a percentage of the fees that were included within the coming block but the parts will be redistributed to the one that used the service during the given time of the given block. It’s like an incubated system, we can incentivise users to use the chain while having the strong structure that a masternode style architecture offers. The lockin and required amount of tokens for masternodes is not yet defined. This is a policy that we need to decide on once and for all and we are still in the discussion of what the metrics will be.
Q. What are the benefits of PoU to an individual with PKC tokens. How can they use PKC tokens as part of the platform? Or is Proof of Usage mainly targeted at companies?
A. PoU (Proof of Usage) is for both companies and private individuals. PoU is designed so instead of the stacking effect that often happens in PoS (Proof of Stake), the exchange of data will have a value that is monetized over the network. To stimulate that, PoU is not randomly selecting a token from the global total supply balance within the network but is selecting a token within the past block. if you are in the block, it means you are spending PKC. In the end you have a chance to be rewarded for it like a lottery. The goal is to also stimulate the use for private individuals and not only for companies. PKC will be used on the platform but also with every dAPP that we build.
Q. Can you clarify the utility of the PKC token? How can it be used in the platform and how do you see its utility evolve over time?
A. PKC is for every project running on the PikcioChain. From a corporate perspective: we mainly work with financial institutions that manage, certify and exchange KYC. This process costs money for certification, portability, exchange etc. and all these costs are supported by PKC. From a private individuals perspective: PKC is being used for dApps. We are going to release the first version of the wallet application where you can create your own KYC and have this KYC portable from one Token Sale project to another so you don’t have to register over and over again. This exchange and KYC provision will be in PKC as well. Further usage will come over time as the application of the wallet and the token sales develop. We are going to have more features and introduce more usage and advantages if you have PKC. We have a very ambitious but also realistic roadmap regarding PKC usage and you are going to be very pleased with what’s coming.
Q. What roles do Praxiling and Epsylon Lab play as partners?
A. They are specialised around user experience and really focus on cognitive recognition and response regarding specific design and ergonomy. Our goal is to provide tools and metrics to quantify how we could improve the user experience through any kind of application. What’s really cool about them is that they quantify the human response toward the application and the usage on top of that. They also have a task group regarding data privacy: What is privacy? What is the meaning of privacy? What people think of and hear about when you tell them about privacy. The definition of privacy is vague when explained from one person to another. The goal is to translate the more common definition of what could be data privacy and to build upon tools and applications where users will feel that this is a application where they really respect my data privacy and where I can control it. We work with them because their expertise is really wide when it comes to data privacy, cognitive reception towards ergonomics and design and they also partner with Epsylon. Epsylon is related to psychology and cognitive response towards an application. They are really cool partners and we are proud to have them.
Q. If I revoke access to my personal data from someone, the blockchain would have a hash pointing to nothing useful. Would PKC blockchain be bloated or have bad performance if someone allow/revoke access to personal data millions of times ? Can we imagine that as a possible attack from hacker/competitor/etc… ?
A. Everytime you make an operation on the chain there are counters in place that will restrict a users access for a given time as a security measure to avoid over-bloating of the system. We are also able to blacklist user IDs if they show bad behavior on system. As you can see we have mechanisms that take care of these particular issues and this is something we have focused on when we were designing the chain as it is one of the easiest ways to attack the network.
Q. Taking in consideration that more than 80 nations have legalized online gambling and that Europe has the largest online gambling market in the world, can PikcioChain (and “The Wallet”) be an option (for identity verification) for the online gambling industry (for their KYC and AML procedures)? How will PikcioChain approach this multi billion market?
A. That’s actually an awesome idea that we didn’t tackle so far. You are absolutely right, since we are able to build KYC for banks, insurances and very secure institutions, our KYC can also apply for industries like gambling. However, this is not a domain we have approached so far, maybe because we haven’t had the right contacts to the industry yet. If any of you are interested and think it’s a great idea, please don’t hesitate to share relevant contacts with us. I believe this is a high potential market with a real need of KYC and general identification of the user
Q. Does PikcioChain intend to use eye scan or fingerprint coupled to blockchain tech for identification purposes?
A. PikcioChain is all about decentralization and decentralization is essential for GDPR compliance. Instead of being stored in a central repository, PikcioChain stores users data, including biometrics, on the users personal device, where the data is encrypted and secured. Of course institutes such as governments may also collect this data, albeit temporarily, to authenticate you. However, in the future this authentication will be based on the certificate of your personal ID stored on the blockchain. In that sense, PikcioChain can indeed work with eye scan and fingerprint data for identification purposes.
Q. Will PikcioChain provide help to its clients in order to prove GDPR compliance, for example in the form of a legal explanation or independent audit?
A. At PikcioChain, we focus and help companies on data collection and certification. Moreover, we focus on customer consent on one side, while also providing companies the audit trails they need to exchange personal data in a compliant manner and to apply the right to forget.
The changes brought in by GDPR will affect companies of all sorts. While PikcioChain supplies the platform for a compliant manner of personal data collection, certification and exchange, we believe any sort of legal backing or auditing should be performed by third parties.
Q. How do customers change their KYC information to remain up-to-date when using The Wallet?
A. The Wallet is one of the core features of PikcioChain. It is the main interface that the individual, or the supplier of data, will use to access PikcioChain. It’s main usage is to build a KYC profile once and for all that can be used across all sorts of services (such as other token sales across the blockchain space).
Ofcourse personal data is not static, information might change and documents might have to be renewed. That’s why each time the user decides to use his KYC profile he or she will be asked to review and, if required, edit his KYC profile by replacing or submitting new documents. After this the KYC process (personal data verification) is automatically redone and the certificate of this process stored on the blockchain.
Q. Could you further explain the partnerships with PWC, EY and Capgemini?
A. We strongly believe that, as a relatively new company, we shouldn’t remain alone and by ourselves. This is not good for our company but more important it will not contribute to wide adoption of our technology. What we’ve been searching for is support coming from partnerships with relatively large players in the industry such as PWC, EY and Capgemini. These partnerships will help us to deploy the PikcioChain product with as many clients as possible.
EY and Capgemini will play a large role when it comes to the support and integration of our technology into different projects with different clients, while PWC has taken on a consulting role for a wide variety of aspects.
Q. What will make PikcioChain stand out from competitors in it’s field? What kind of plans are there for expansion?
A. Blockchain technology is relatively new when we are talking about mainstream adoption. Of course we have the advantage of being one of the first to be working in this field, especially when it comes to compliance, personal data and the portability of personal data. This is a strong advantage and of course we will need to stay ahead of (future) competitors.
When we think about what makes a product great, one of the main aspects is the ease of use and the ease of adoption. This applies to not only the individual using PikcioChain through The Wallet, but it also applies to companies using our product for KYC purposes or data processing in general. We believe that this is something very important to focus on. There are a lot of companies working on great ideas and accordingly great products, however a lot of these ideas and product never get to flourish because of bad implementation.
PikcioChain aims to have (future) partnerships with strong integrators in order to increase the ease of use and ease of adoption of our product, while expanding the possible use cases and clients.
Q. How will PikcioChain tackle and convince the medical sector to adopt PikcioChain technology?
A. The health sector is often one of the slowest sectors when it comes to integrating technology in to daily procedures. However, with regards to blockchain technology it’s being acknowledged as a high value opportunity quite fast, especially when regarding the safe storage, control and transfer of personal medical health data.
As PikcioChain we are moving forward slowly and carefully in this area. We are working together with multiple parties in this sector to convince all the relevant players in the field, being governments, hospitals, doctors, insurance companies and the individuals themselves, of the importance of this technology and what PikcioChain can do for them.
Q. Regarding GDPR, may a data owner decide to allow his or her data to be taken outside the EU for monetization purposes?
A. GDPR stipulates that as a business you cannot move EU citizen data out of EU borders. However, this is only applicable if you as a data owner do not consent to the data being moved beyond EU borders. This is the exact purpose of the GDPR, to give the data owner control over what happens with his or her data. Thus, if the data owner allows it, data may be moved outside of EU borders.
It’s important to note here that PikcioChain does not store data. However it can activate the movement of data, again, with the consent of the user.
Q. Have you looked into expanding into China and is PikcioChain “China ready” with regards to their data privacy standard?
A. On January 2, 2018, the Standardization Administration of China released the final version of the national standard on personal information protection. The standard came into effect May 1st, 2018. It’s very comparable to GDPR in the EU. With that in mind PikcioChain is in general “China Ready”. We are taking our first steps in China by looking into IoT applications and especially connected cars.
Q. Does PikcioChain intend to integrate into telecommunication projects?
A. PikcioChain has ongoing discussions with telecom providers in the Middle East and Asia, regarding the development of a specific product aimed at the certification and exchange of mobile data, including localization data amongst others.
Q. How does pikciochain plan to encourage companies who hold token sales to integrate with the PikcioChain Wallet and platform?
A. As PikcioChain we don’t only have the technology to offer to other companies, we also offer full compliance for the existing regulation (such as GDPR). For companies looking to hold token sales or process KYC for any purpose, this is a huge issue to overcome. The product we offer overcomes these problems and on top of that offers an easy to use product for the user and an easy to implement product for the company, allowing for easy adoption of the PikcioChain platform.
Q. How is Pikciochain going to handle scalability and what are your solutions
A. Scalability is important with regards to public blockchain solutions. For PikcioChain, scalability will be less of an issue as we are looking to create different channels through which the transfer of data and data processing will take place.
Q. Can PikcioChain share personal data under special or mandatory request from the government?
A. PikcioChain does not hold any kind of data. PikcioChain is designed to only hold the certificate of data and it’s trustability. What PikcioChain does know is where the data is held. In that sense we can only share the location of data, where the data is being held, but we cannot share the data itself.
Q. How were the reactions after successfully selling out the Token Sale?
A. The reactions were overwhelmingly positive! A lot of questions from more conservative parties regarding what we have exactly established with our token sale and what it entails, so we will have to keep educating everyone on our blockchain technology.
Q. What is the current status of the PikcioChain office in Beijing?
A. The PikcioChain office in Beijing has been moved to Shanghai! Together with one of our partners, Techcode, we have decided to open up our office in Shanghai instead of Beijing. The office is operational and aims at expanding the PikcioChain product, it’s partnerships and it’s clients in Asia.
Our other PikcioChain offices have been established in Paris and Montpellier in France, Lausanne and Zug in Switzerland, Boston in the United States of America, Bahrain and we are looking to open an office in Kuala Lumpur soon.
Q. What is the PikcioChain view on global adoption of GDPR?
A. PikcioChain has been built with GDPR in mind. A lot of regulation now and also future regulation worldwide is based on some parts of GDPR. Regarding that PikcioChain is ready for a lot of changes that are about to come with regards to the regulation amongst the collection, storage, certification and exchange of data.
Q. What is the timeline for the launch of the medical information part of PikcioChain?
A. The medical information use case that we have been working on in the past months has been put on hold. Reason being a lack of a good partner to co-develop this use case and distribute it on a large scale.
In the recent weeks however we have been making good progress with regards to new partnerships in this sector and we should have an announcement on this soon.
Q. Have prospective clients ever turned Pikciochain down? If yes for what reason and how can you counter it?
A. When we approach possible clients we try not to talk about technology too much. Blockchain is still relatively new for a lot of our possible clients, so we focus on existing problems and possible existing solutions. For us that means showcasing PikcioChain, the ease of use for the client and its clients and thus the ease of adoption and integration.
The objection often comes when possible clients realise that we are still a relatively new company with a relatively new solution. We counter this by working together with our partners being PWC, EY and Capgemini as these partnerships are a testament to the legitimacy of PikcioChain.
Q. Why did PikcioChain CEO Didier chose to sacrifice his prestigious CEO image and become a legend by making his own GIFs and Stickers?
A. Remains to be answered.
Q. How does “proof of usage” work? What makes it different from proof of stake and regular mining?
A. Please let us refer you to the Q&A’s for Week 15.
Q. What are the latest developments in regards to the transfer of personal data over cross chains between Pikcio and Ontology?
A. So far, our efforts on cooperating with Ontology have been on a talking level only. Our main focus now is to finish the main PikcioChain product and have it ready for release and integration with possible clients. However, we will surely have more information regarding our cooperation with Ontology soon.
Q. Why have you developed your own mining algorithm, what’s up with that?
A. PikcioChain has created its own proprietary mining and consensus algorithm called Proof of Usage, or PoU in short. PoU is a combination of Proof of Work (PoW) and Proof of Stake (PoS), based on the work of Bentov et al. on Proof of Activity (PoA).
PoW, PoS and PoA all want to reward miners and stakeholders in order to realize multiparty computation. But when looking for the best blockchain solutions, it is not only important to look at the infrastructure they provide, but to also judge them from the usage perspective. When a business revolves around data generation it’s very important which infrastructure is used and how it is implemented, so these 2 aspects cannot be separated from one another.
The consensus mechanism is the underlying process on which distributed ledgers rely. Therefore, the first objective is to insure that various parties inter-operate as a whole to sustain a reliable and safe network. PoU (Proof of Usage) is introduced as it is fundamental for Pikciochain to build an incentive model where data owners, e.g. individuals, will be rewarded. Indeed current models around personal data monetization do not encompass users i.e. rightful data owners. Additionally the objective would be to overcome the stacking effect from PoS to encourage usage by spending over retention.
Proof of Usage aims to a build a tangible ground for data provision, certification and exchange in the PikcioChain. PoU relies on the same core process as PoA, but with an additional redistribution layer to original data owners and / or certifiers. It also uses a last-block-satoshi method instead of the follow-the-satoshi, to speed up and linearize the time spent finding who is the current satoshi owner from the total satoshis exchanged in the block. Additionally PoU does not incentivize stakeholders to hoard the coins, but rather to use them, while also avoiding self rewarding. Therefore having a platform that revolves around the transactions of data implies a business model of payment incentives with redistribution of rewards at the consensus level.
“Proof of Usage: How it works
Because follow-the-satoshi selects a random coin number, it incentivizes miners to increase their stacks as to increase their chances of getting the rewards. This effectively incentivizes hoarding v.s. spending. Proof of Usage uses a follow-the-satoshi-in-block, meaning a coin will be selected in the last blocks randomly from past transactions within the last N blocks. Therefore the identification of the owner for whom the coin was selected will be faster and only the transacted coins will be taken into consideration. Coins sent to yourself are not included in order to prevent self-rewarding. And even if an actor would try and game this by sending tokens to wallets he owns he will end up spending more in transaction fees than he would get.
Time is divided into subsets called time slots. For a given time slot a block header is defined using the hash of the previous block, the miner’s public address, the height relative to the block index and a calculated nonce for a given difficulty proven fast enough to avoid computational effort losses. When a miner reaches a hash matching the current difficulty i.e. N zeros in the calculated hash adjusted with the nonce, the block header is broadcasted on the network. The header hash is derived N times for N satoshi within last X block transactions.
Each selected stakeholder signs the block header, collects and validates transactions that are broadcasted over the network to accept or refuse incoming blocks from the winning miner. Once the timeslot reaches the end time, the miner wraps up the block and redistributes the fees. The PikcioChain company gets the transaction fees for the transactions including the N satoshi . Thus split M% to all data owners and certifiers for who a PKC exchange occurred. The miner himself gets X% of the remaining transaction fees. Each stakeholder is credited of Y/N% of the remaining transaction fees.”