Skip to main content

Why bother with the blockchain for identity?

As my former colleague Salome Parulava rather succinctly described last year, we must distinguish between two different areas of overlap between 

First, “Identity for Blockchain”, assumes that if blockchain platforms… gain adoption that is at least 10% as widespread as the industry’s attention to them today, there will be a need for a robust and reliable identity layer to manage KYC, AML, authentication and authorisation processes for shared ledger applications.

From “Identity for Blockchain” vs “Blockchain for identity”. What’s in it for Airbnb? | Consult Hyperion

xxx

xxx

Second approach could be called “Blockchain for Identity” and it formulates a separate self-sustained class of use cases. It assumes that blockchain technology can enable solutions to known identity problems

From “Identity for Blockchain” vs “Blockchain for identity”. What’s in it for Airbnb? | Consult Hyperion

It’s this latter category that interests me at the moment. As Sally pointed out last year, there are some specific problems to do with interoperability and discoverability that might be approached in a different way. Let’s to pause to clarify a couple of definitions. First, I want to distinguish between attributes (such as IS_OVER_18) and credentials (such as dave.birch!Barclays#IS_OVER_18).

Oh wait. As you can see here, I’ve invented a new shorthand. So the attributes are facts about me (the first party) that you (the second party) want to know. Credentials are attributes about me that are not useful to you unless they are attested to by a third party and they can be presented by the first party for verification by the second party. So you, the pub, want to see an IS_OVER_18 credential and I present you with an identity dave.birch!Barclays (that’s a public key of mine signed by Barclays private key) and you can check that identity, see that it includes the IS_OVER_18 attribute and then (assuming that the identity hasn’t expired ) you can serve me a drink. In the case of some other credentials (IS_A_UK_RESIDENT) you might want to ping Barclays to make sure that the identity has been cancelled (because I’ve moved out of the UK). So you get the general idea.

Note one particularly interesting aspect of this architecture. In the example I used, my identity was dave.birch!Barclays but it could just as easily have been mr.x!Barclays and that wouldn’t make any different whether you serve me a drink or not. As I have written here approximately monthly for a decade or so, we need to make our transactional space one where attributes, not identities, are transaction enablers.

My good friends at Meeco along with a group of people I take very seriously in this space have just published their report “The Rise of the Attribute Economy 2.0” that explores and examines this kind of thinking.

Now, suppose all of the banks issue these credentials to their customers. This would be immensely useful for several reasons. 

 

I could store the CRUD on my phone or on my laptop. But then I might lose it. So instead, let’s assume that the banks get together a create a shared ledger to hold all of their CRUD in one place. Now, when I want to open a new bank account or start internet dating or put a monkey on Man City half way through a game courtesy of noted actor Ray Winstone, all I have to do is point to a relevant piece of CRUD. Now the pointers to the CRUD will easily fit on my phone so no problem - I can download them from my bank whenever I get a new phone, it’s no big deal -

Let’s try a worked example. I want to start internet dating. I go to Ashley Match and click to open an account. Ashley Match Asks for a virtual identity. I choose Mr X at Barclays, an identity that contains only two facts about me: that I’m over 18 and I am resident in the UK. The fact that the credentials are attested to by Barclays also tells Ashley match that Barclays know who I am, which as I have mentioned before, means that I cannot misbehave behind my pseudonym. Ashley match now go to the chain and look for this identity. They find the Mr X creation records and look along the ledger to see if that identity has been updated or deleted (they don’t care if it’s been read by someone else). It hasn’t. But now they need to know that I am the actual owner of Mr X so to speak

Comments

Post a Comment

Popular posts from this blog

Euro area card payments double in a decade

xxx "The number of card payments in the euro area have more than doubled in a decade as consumers increasingly dispense with the hassle of carrying notes and coins, according to the latest statistics from the European Central Bank. In 2018, card payments accounted for almost half of the total number of non-cash payments across the single-currency area. Credit transfers and direct debits were the second and third most common non-cash payment methods, accounting for approximately 23% each, while e-money and cheques together made up around seven percent. However, the relative popularity of each type of payment service still varies widely across euro area countries. In 2018 card payments accounted for just over 70% of all non‑cash payments in Portugal, compared with around 23% in Germany. The stats show that the number of card payments made by consumers and businesses has more than doubled in the last decade, with an average of 121 card payments per capita in 2018, compared with
Post a Comment
Read more