Blockchain and Crypto
Do we need blockchains to build digital identities?
- Despite industry-wide excitement about blockchain as a solution to identity, blockchains solve a tech problem, whereas identity is a people problem
- Because blockchain technology removes the need for trust, providers of blockchain technology could be good partners for banks' identity solutions down the road
As banks plan their future in identity, either as providers of identity services for security or as authoritative identifiers of customers across industries, they could start to partner with startups working on blockchain based solutions to the fragmented system. Blockchains and shared ledgers let different companies, organizations or other entities rely on the same source of customer data and other personal information -- one that’s secure, auditable and looks the same to each party. Of the many startups looking to tackle digital identity, at least a dozen are focused on using blockchain technology to find solutions, including Blockstack Labs, Trunomi, uPort and Hypr. We asked attendees at the K(no)w Identity conference in Washington, D.C. to share their views about blockchain technology’s role in the growing digital identity space, and how heavily solutions rely on it. David Birch, director of innovation, Consult Hyperion “The characteristics of shared ledgers are actually to do with transparency. If we take blockchain technology and try to shoehorn it into pretending it can run credit cards and stuff like that, it isn't quicker, it isn't cheaper, it isn't better in any way. If you take its characteristics and say ‘what can we do differently because of this,’ the thing that stands out to me is transparency. The blockchain as it is now, its heritage is payments because of bitcoin but in reality its future is in a whole bunch of other things and i think one of the biggest pain points is identity. Banks would tell you the costs that are unmanageable are the costs of Know Your Customer, anti-money laundering and counter terrorism finance. Blockchain isn't fintech, it’s regtech.” Laura Spiekerman, cofounder, Alloy “From a data sharing perspective there’s a role blockchains can play. What I hope happens is that blockchain solutions will become one data point and that over time, whoever is using them is able to prove that it’s effective, which in the long run is meaningful to regulators and financial institutions. It’ll take a while. There are interesting initiatives to create, effectively, databases of people, but I don't think in the next five to 10 years financial services, banks, regulators, auditors will rely on that at all. In order to be part of the regulated financial system you have to use an existing trusted database, which means it’s not going to be blockchain oriented. It’s going to be LexisNexis, it’s going to be the credit bureaus, the old, boring databases we already know. They’re not totally effective but the regulators know them and that means that everyone that’s on the chain has to use them.” Matt Thompson, director of digital business development, Capital One “This is just a platform to get us from where we organize to the objective. Blockchain is just another technical platform that enables us to do more things in different ways but at the end of the day it’s just a platform. It has beneficial application to identity management principles around security and privacy, but it certainly isn't required. And it certainly owns be the only platform that’s used to enable these trusted services. We're certainly taking a close look at how companies are looking are using blockchain to enable privacy and security respecting identity management principles and seeing where there might be applications within Capital One.” Andrea Tinianow, division director, Global Delaware “You need distributed ledger technology to solve the identity problem because you want to be able to maintain information about each individual person without breaching their privacy and you need to make sure it’s secure and cannot be changed. DLT you get the best of both worlds. If you don't have DLT that means all the information is in the central depository -- which can be attacked, which can be changed. It means you have to change the central body and I don't think people are willing to do that anymore. If we’re going to give away information -- everyone’s most private, personally identifiable information -- in one place, it needs to be so secure. For that information to be effective it will need to be shared securely and perhaps with a de-identified identifier.” Steve Ehrlich, lead analyst for emerging technologies, Spitzberg Partners “Blockchain technology removes the trust from some central party, and in theory can give it back to the individual so they can utilize their applications, wallets smart contract libraries to dictate the terms under which they're willing to share information, and they can revoke them if they want to. They don't have to trust them. If, for example, they say to Google ‘delete my information, I want to give it to somebody else,’ you don't have to trust they're going to do that. You can be sure based on code that you have the sole right to do something like that. You don't have to have blockchain technology. There are a solutions short of it that are improvements of what we have today but requires you to trust that whoever is collecting your data is going to abide by the privacy policies, is keep data secure and not use it for any purposes other than the reason they're able to collect it from you in the first place.” Frances Zelazny, vice president, BioCatch “The chain itself is considered trust, but if the beginning is compromised then the whole chain is compromised. You still need to look at the overall ecosystem to ensure that the entry point is just as secure as the transmission to the end. The Blockchain technology has a place but it should not be considered immune to hacks. If you compromise a blockchain, you’re back to the beginning. It doesn't take away the need to still add additional layers of security on top of the whole chain or to detect for anomalies in the behavior of who’s accessing the chain.” Travis Jarae, CEO, One World Identity “It’s not a technology problem we’re solving for. We have a lot of great technologists and technology but right now were trying to solve a people problem. Blockchain does a good job at giving us an easier way to explain identity and pass it off to other people in a secure, private way but there are other technologies that can do the same thing. It’s a foundational platform. Think of the Internet. Google sits on top of that as a universal or foundational platform and you can create a product or service and plug into it without having to build a whole platform. It’s just naturally easier for customers.” Kim Sutherland, senior director of fraud and identity management strategy, LexisNexis Risk Solutions “Blockchain is not gonna be the super solution for all digital identity solutions but there seems to be a lot of interesting pilot projects underway leveraging concepts related to blockchains for things that are more peer-to-peer related. We've tried to understand how blockchain and identity and fraud and authentication all can work together; if there is a way to leverage this in a commercial organization and with government agencies. Most scenarios have been for smaller populations, unique use cases that really fit the model.”