Could blockchain be the backbone of a universal digital identity system?
Innovative financial institutions are increasingly seeing their future as the stewards of identity -- they would serve as the authenticators. Such a system would allow consumers to use a digital token to verify their age when ordering a beer or to log onto an e-commerce site.
But several blockchain companies are looking to play a vital role in the future of identity. For instance, Gem is focused on getting companies within the same industry to share information via blockchain technology. For FIs, one possible solution would be in Know Your Customer compliance -- bank users would be able to vet a customer by relying on the work another bank has already done. Another is Credits.Vision, which is looking to create a blockchain of blockchains, connecting various permissioned and public systems so that a digital identity could be truly universal.
As credit unions and banks plot their future in identity, many may look to partner with blockchain companies also eyeing the space. Suresh Ramamurthi, the chairman and chief technology officer of CBW Bank of Weir, Kan., sees digital identity as a practical use for blockchain. His bank is also working on a risk management system using blockchain and it also partnered with blockchain firm Ripple to enable instantaneous transactions.
"We have the basic technology," he said, referring to blockchain. "When you already have a wheel, you can make a wheelbarrow, or a car. People are discovering any number of ways [to use the blockchain.]"
He also sees it as a potential accelerant and enabler for the adoption of a digital identity system.
"The technology is not very complicated, this is something we could do now," Ramamurthi said, referring to a universal digital identity. "Banks already have to verify identity for KYC; expanding that across the internet is not a very big leap."
As Micah Winkelspecht, chief executive and founder of Los Angeles-based Gem sees it, FIs' role in digital identities would be to serve as authenticators.
"Rather than the banks being in control, should the customer be in control of certain information they could then passport around?" he asked. "There's a good argument to be made for both sides. But banks certainly could act as a certifying body for individual identity on the blockchain."
Using a distributed ledger system would also allow people to retain authority over their identity, Winkelspecht says.
"With blockchain you have the same conveniences of a centralized ID authority but without having to turn over power to a third party."
But in that scenario, financial institutions would still benefit, he said. Today, every time a consumer goes to a new bank for services they are KYC-vetted, even though one bank has already verified them as a customer, he said, adding that this problem is multiplied at large banking institutions where a customer must get verified for KYC compliance over and over again within different departments.
Gem argues that if a group of banks shared a KYC blockchain, institutions could cut costs on KYC collection software. With a shared ledger system built on public key cryptography, banks could authenticate the consumer, and certificates attached to that key could authorize the consumer for certain functions, he said. Besides banking, Gem is partnering with industries like health care on creating blockchain networks to establish trust and transparency and share information between organizations.
Like Gem, London-based Credits.Vision sees creating a better way for banks to share information as an important step in creating a federated digital identity, said Nick Williamson, its chief executive.
The firm is working on creating a blockchain that would connect other blockchains, both private ones being tested by banks and public ones like the bitcoin blockchain. One function of this project could be used for identity, where a consumer could upload their personal details (in encrypted form) once, whether with a bank, credit union, passport office, or telecom provider and the identity could then be used in any other context.
Williamson sees the real potential of blockchain technology as a next-generation, open and interoperable form of public key infrastructure. PKI was developed in the 1970s to secure communications - Bob encrypts a message to Alice with her public key, and only she (or someone who has her private key) can decrypt it. In theory, it's a great way to manage identity, since a message signed with Alice's private key could only have come from her (assuming the key hasn't been compromised). But it's never caught on as a mass-market technology.
"Key distribution has always been a gigantic pain point preventing widespread adoption of consumer-focused PKI," Williamson said. Combining blockchain with PKI could address adoption. From there, banks and others could rely on blockchain's transparent and immutable settlement characteristics "as part of your stack for the onboarding, distribution, and revocation of keys in a way that can be portably transported across independent blockchain networks."
While FIs may serve as the ideal authenticators and potential holders of a digital ID, one obstacle that would need to be overcome is banks' willingness to share data and cooperate, something they've not always been keen to do, said Andy Schmidt, principal executive advisor at consulting firm CEB.
"A difficulty with that model is that it presumes you have one banking relationship," he said. "Most consumers have more than one; if you are able to take your various banking relationships and then designate one bank [as your ID authenticator] that could work, but then all the banks involved would have to share data. Are they willing to give up some control in order to create value for a customer?"
He also said there would "definitely be some security concerns" over such a model, but that ultimately a blockchain-powered universal identity would still be better than the current personal information-intensive model currently used. For instance, the current method of password-based online authentication is faulty, since consumers have to remember different combinations of usernames and passwords for any number of websites, plus many reuse the same password multiple times, which facilitates fraud, argues Winkelspecht of Gem.
"There's no perfect solution, so there's a potential downside to any idea, but the downside to this is less than the downside to the current methods we have," Schmidt said. "I think the blockchain is the most enabling and disruptive technology any of us have seen so far. If harnessed properly, it will revolutionize the way we exchange information."
Although Ramamurthi believes there are not technology hindrances to creating a universal, federated identity, he said it will not happen until governments become involved in driving this. He pointed to digital ID initiatives in Estonia and in India that have seen widespread adoption and were the result of government drive to institute them.
But ultimately, he said, if there is a will to do this, there is already a way.
Despite the hurdles, such as compliance and security concerns and government cooperation, in creating universal digital ID, Gem's Wikelspecht is confident it will one day happen.
"People have to stop thinking about blockchain as fintech; it's not fintech, it's about how do we build a global computer," he said. "And if you have that, how then do we log into the global computer?"
