Identity Management for the Internet of Value
Imagine a store without a checkout line and without cashiers. You, as a trusted customer, could simply walk into the store, put whatever items you want to buy into your cart, walk out, put your groceries into your car and drive away. Since the surveillance cameras in the store have recognized your face and the smart cart you pushed through the store towards your car has tracked all the items you took, the store would simply communicate to your bank to deduct the corresponding amount from your account.
What sounds just as Orwellian as it sounds convenient might soon become part of the not-quite-as-scary future of payments. The magic word in this case is permission. As long as you give permission to the store to use your facial ID and to communicate your identity and the sum of your purchases to your bank, this shouldn’t be much of a problem. Unless you pay in cash, the latter happens anyway, and many stores have already begun using facial recognition for various purposes, from theft prevention to eye-tracking to targeted marketing.
Identity Proof using Distributed Ledgers
Enter Distributed Ledger Technology. Distributed ledgers, also colloquially called blockchains, are public databases that are maintained in a decentralized manner. A game-theoretic mechanism called a consensus algorithm ensures that all parties involved in maintaining such a ledger keep exactly the same records. Accounts on a distributed ledger, which are often called wallets, consist of a cryptographic key pair. One of these keys (the public key) can be handed out to others for interacting with one’s wallet (e.g. sending transactions), while the other one (the private key) is used to access the wallet.
Leveraging the power of cryptography, we might be able to find a solution for identity management that satisfies both the need to prove one’s identity and the need to maintain privacy. An example of this is Bitcoin’s pseudonymous inventor Satoshi Nakamoto. To this day, nobody knows Nakamoto’s true identity. However, we know the cryptographic public key that he used to mine the Bitcoin blockchain’s first entry (the genesis block).
If somebody were able to access the wallet corresponding to the public key, it would be undeniable proof that this person is in possession of Nakamoto’s private key. Hence it would suggest that this person is Satoshi Nakamoto himself. In fact, this proof of identity even stands up in court.
The Australian computer scientist Craig S. Wright is currently fighting several lawsuits that revolve around his claim to be Bitcoin’s inventor. In his largest legal battle, against the brother of his deceased business partner, the court has ordered Wright to attest his identity as Satoshi Nakamoto by producing the private keys that secure Nakamoto’s Bitcoin funds, worth roughly ten billion US dollars.
Putting Blockchain-based Identities into Practice
Some of the most basic functions of distributed ledgers make use of hashing algorithms. Simply speaking, a hashing algorithm takes a fingerprint of any given input data. This algorithm is deterministic, meaning that inputting the same data always results in the same hash value. Conversely, it is not possible to determine from a hash value which input data generated that value. These properties account for the immutable and tamper-proof nature of distributed ledgers.
The same power of hashing algorithms can also be harnessed for identity attestation. Of course, you wouldn’t want to store all the information on your ID on a public blockchain. But if you aggregated all the information and put it through a hash function, you could publish this fingerprint of your ID, as nobody is able to retrieve your personal information from the hash value. If you then share the information on your ID, for example with a bank performing a KYC check, together with the hash value, the bank could verify that the information you gave them indeed produces the same hash.
Of course, this alone wouldn’t tell your bank much, aside from proving that your personal data hasn’t changed. Let us further assume that a trusted entity, such as a government agency that issues ID cards, takes such a fingerprint and publishes it. Since it was a government agency that published the hash, your bank could now verify that your ID is actually valid.
Taking this example one step further, the government agency could also associate your ID with the public key of your blockchain wallet. If you now demonstrate control of your private key, for example by signing an encrypted message, you can prove that you’re the rightful owner of the public key and thus attest your identity, without ever sharing your personal information. This granular approach to data sharing means that you can share as little information as possible, but as much as needed for your intentions.
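The three steps above (fingerprint, issuer publication, key binding) can be followed end to end in the sketch below. It is an added example, not code from Shyft, Algorand or any real ledger. Assumptions: the `LEDGER` dictionary stands in for the public ledger, a random salt is mixed into the fingerprint, and a Lamport one-time signature built from SHA-256 stands in for the wallet's actual signature scheme; all function names are hypothetical.

```python
import hashlib, hmac, json, secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def fingerprint(record: dict, salt: bytes) -> str:
    # Canonical JSON: the same fields always serialize to the same bytes.
    # The salt is an added assumption; without it, low-entropy ID fields
    # could be guessed and confirmed against the published hash.
    canon = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return H(salt + canon).hex()

# Lamport one-time signature, standing in for the wallet's real scheme.
# One key pair must sign only ONE challenge.
def keygen():
    sk = [[secrets.token_bytes(32) for _ in range(2)] for _ in range(256)]
    pk = [[H(s) for s in pair] for pair in sk]
    return sk, pk

def bits(msg: bytes):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        hmac.compare_digest(H(s), pk[i][b])
        for i, (s, b) in enumerate(zip(sig, bits(msg))))

def key_id(pk) -> str:
    return H(b"".join(h for pair in pk for h in pair)).hex()

LEDGER = {}  # constructed stand-in for the public ledger: fingerprint -> key id

def issue(record: dict, salt: bytes, pk) -> str:
    # Trusted issuer publishes the fingerprint bound to the wallet key.
    fp = fingerprint(record, salt)
    LEDGER[fp] = key_id(pk)
    return fp

def verify_disclosure(record: dict, salt: bytes) -> bool:
    # KYC case: holder hands over the data; bank recomputes the hash.
    return fingerprint(record, salt) in LEDGER

def verify_holder(fp: str, pk, challenge: bytes, sig) -> bool:
    # Privacy case: no personal data, only a signature over a fresh challenge.
    return LEDGER.get(fp) == key_id(pk) and verify(pk, challenge, sig)
```

The verifier should pick a fresh random challenge for every check, so that a signature captured from an earlier exchange cannot be replayed.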
Identity Management with Shyft and Algorand
Now, as we all know, governments are typically very slow to adapt to technological advancements. Instead of relying on a government agency to perform all of the attestation functions, any trusted third-party service provider can do the job as well. Of course, you will need to perform a single KYC/AML check to prove your identity to the service provider. Afterwards, though, the service provider is able to attest your identity both transparently and confidentially.
Shyft Network is a public blockchain protocol for data aggregation and identity management. By aggregating encrypted data in a transparent and secure fashion, they are building an authentic reputation, identity, and creditability framework for individuals and enterprises. For this purpose, Shyft has already partnered with three governmental bodies to ensure compliant KYC procedures with financial institutions, healthcare and telecommunication providers, government services, and many more.
The Shyft Network connects data custodians with data consumers, while letting users remain in full control over their data. As such, they can revoke the consent to share data at any time. Shyft does not share personal data on public networks. Instead, all sensitive data points remain stored on external databases, while only encrypted attestation metadata is stored on public or permissioned blockchains.
Recently, Shyft has partnered with the blockchain network Algorand, which brings benefits to both parties. Shyft can make use of Algorand’s high performance blockchain, while Algorand uses Shyft as an identity layer for the growing Algorand ecosystem. This gives users the ability to seamlessly attest their identity at the various decentralized applications running on the Algorand smart contract platform. Additionally, this will improve Algorand’s interoperability with other blockchain networks and allow financial institutions in the Algorand ecosystem to conduct identity checks with regulatory compliance.