Digital Identity is such a thorny problem, fraught with technical, legal, societal and political issues, because there are two different interrelated issues:
- Proving that you are who you say you are (aka access control).
- Control over your Personally Identifiable Information (PII).
Proving that you are who you say you are (Access Control).
Biometric security has to replace passwords and CAPTCHA. Chip and pin works great in a physical stores, but the pain of mobile commerce cuts deep for both buyers (extra friction) and sellers (abandoned carts).
Biometrics is technically interesting, but relatively simple at a societal/political level and not as game-changing as the issue over who controls PII. Biometric security comes down to a simple question:
“what part of your anatomy does Sir/Madam wish to use?”
– Finger. This one scares me. It is hackable, by simply recording somebody’s fingerprint and putting that on thin film. I can change my password if I am hacked, but I cannot change my finger. Also the privacy issues concern me.
– Voice. This has a nice old-fashioned ring to it. Voice recognition is like the banker who recognized your voice. The tech has been brewing for a while and seems ready for prime time. VoiceVault and Nuance are the two leading contenders. Voice is probably better for high value transactions than getting a coffee or paying for a subscription. Talking to my phone in the line for my coffee seems too much like Her.
– Typing rhythm. I never understood why BioPassword did not do better, it seemed so simple and elegant. Maybe mobile changed typing rhythm and created new rhythms around swipe.
There maybe something new that emerges out of smart watches, such as pulse recognition.
Biometrics has to be driven by consumer choice. I have the choice between fingerprint and password on my iPhone (Luddite confession, I choose password).
The choice over access control is so critical because the amount of Personally Identifiable Information (PII) and the power related to that PII is so massive.
Control over your Personally Identifiable Information (PII).
This is what gets into societal and political issues and can change the dynamics of commerce at a fundamental level. There is a reason why Microsoft worked so hard to get Passport established – the upside is massive. There is also a reason why any company that gets close to this prize – whether it is Facebook or Apple or Microsoft – eventually gets consumer pushback.
“10 years from now it may be harder to change identity providers than it is to change countries”
In the West we are used to proving our identity with simple artifacts such as driver’s license, passport and social security number. In the Rest, verifiable identity is the on ramp to financial inclusion. This was brought vividly home to me when waiting in line at a Post Office in NYC and witnessing the desperation of a homeless person being refused a PO Box because she had no physical address. Without that PO Box she would be refused the job she had applied for. She would be an unperson without any official identity.
That digital identity on ramp to society cannot be solved by technology alone. In India they are tackling this through the Unique Identification Authority of India.
I have seen three interesting companies in this space:
OneName and ShoCard use blockchain technology to meet two fundamental needs:
- Trustless and decentralized. Your Identity is not under the control of any institution (either Government or commercial).
- Immutable. Nobody can change a record; they can only append a new record.
Trunomi is more focused on a third fundamental issue – granularity – you can have my driver’s license but not my passport or medical records and you can only have it for this one transaction.
Consumer control over Identity will enable Doc Searls vision of Vendor Relationship Management (VRM). I have been fascinated by VRM since I wrote about it for ReadWrite back in 2007. Some tech disruptions have to wait for a trigger to turn inevitable into imminent. The blockchain based identity systems may be that trigger. A similar vision is articulated in the book called Pull by David Siegel. This is a fundamental reordering of commerce. For all the talk of “customer first” a world where customers are really in charge will be a wrenching transformation for most companies.
This will challenge all the business models driven by big data and advertising. Translation of big data:
“We will assemble data about you so that we can sell to you in a way that suits us and maximizes our profit”.
The reordering of commerce enabled by consumer control over PII changes that to:
“I will buy from you when and how it suits me”.
It is also a fundamental change in our relationship with government. We are used to a world where our identity is granted to us by government. If humans control their their own ID our relationship with government also changes.
This fundamental reordering is made possible by Blockchain technology.
Those who want to take a deeper dive into this subject should check out the pioneering work done by Kaliya Hamlin aka Identity Woman.