By Joseph Weinberg, Co-founder of Shyft Network
In the beginning, there was the internet. Part of the joy of plugging in was the anonymity, the lack of awareness — you could interact with anyone, and anyone could interact with you, and there were no barriers. An ideal way to foster new experiences, but a lousy way to do business. The scientists and engineers who built the internet didn’t care about that; they just wanted you to be able to connect with others at will. The eternal question that hounds the internet is the same now as it was then: how do I know you are who you say you are?
This isn’t only an online problem: the lack of readily available online trust holds us back from potentially greater uses for the Internet. For example, consider the hassle associated with securing a new apartment. Landlords need assurances that you’ll be a good tenant and pay your rent on time. This often requires sharing sensitive information that’s not even pertinent, not to mention relying on credit ratings and other indicators that might not accurately reflect your finances.
After over two decades of being unable to address basic problems like this via online solutions, blockchain technology offers us a way to conceive of a better way.
The Evolution of Online ID
Let’s consider the initial stage of the internet I described earlier as being “Phase I.” With each passing phase, the user base that needs to be served grows exponentially.
The original solution to the problem of online trust was elegant and simple, but clearly not scalable: user names and associated passwords, especially to guard your email services. (Phase II.) Think of these as digital analogs to a debit or credit card and a PIN. With this advent, it becomes clear to most people, consciously or subconsciously, that “ID” is not one thing but two. When it comes to your “light” ID (your email, your blog, etc.), perhaps a user and password solution suffices, assuming decent password standards are in place both at the institutional level and in your daily practices. These practices don’t work, however, for “heavy” ID — your passport, your driver’s license. For these, there’s simply no substitute for visiting a brick-and-mortar government or institutional office.
So at this stage, there’s some level of identification at work, but absolutely no guarantee of any kind that you are who you say you are. You’ll just have to trust each other.
In Phase III, that password/username solution starts to break down. There are simply too many passwords to remember, and they reset too often, and before long you’re reusing them or resorting to variants of “1234” or “guest”, and by then you might as well just leave your accounts open. So we begin to rely on ID managers (i.e. Facebook or Google Authenticator), and for most people, most of the time, this solves the scaling issue by offloading the heavy work of verification over to a trusted third party. No more password management required, save for the ones you use to log into your authenticating services. Again, though, this only solves for light ID — heavy ID remains a digital no man’s land.
As it stands, most users’ “soft ID” needs, as they perceive them, are met for most average internet users. They may not like everything about how Facebook or Google handles their data, but they like that their services work reliably to bring the content and recommendations that are relevant to their interests.
There’s another issue with relying on these services to handle ID. You’re now relying on, for instance, Facebook for your authentication. Sure, this is “free” for the individual consumers, but all that means is you’re forking over your valuable data to a corporation to recklessly profit from. Here, your data has entered a sort of marketplace, except that Facebook is the only profiteer. (To say nothing of other forms of data misuse.) Also, these major services are forming huge, centralized data pools that act as beautiful, lucrative targets for attack. Most internet users operate in this phase, but some are still languishing back in Phase II.
So what comes next? Phase IV of this evolutionary curve — and, eventually, Phase V.
Trust on the Blockchain
In Phase IV, blockchain technology enables users and institutions to transact transparently, safely, and efficiently, with the level of trust we currently associate with heavy ID-level requirements, representing the first time heavy ID goes truly online. This will be possible thanks to the cooperation of major, trusted entities who can serve as issuers of trust. These solutions are being built right now.
This is what my company, Shyft, is working on. We’re working with other networks and jurisdictions to enable users to share personally identifiable information in such a way that the information itself is never stored on the network, with those “trusted entities” handling the storage and simpling posting what we call “attestations” about your data as needed, assuming you have consented.
What could this phase look like? Well, let’s go back to that landlord/tenant example I mentioned earlier.
Once again, you’re interacting with a new landlord to secure a lease. Only this time, you’re both on Shyft, and so is your bank. Without needing to share any additional information (your social insurance number or a copy of your photo ID, for example), your bank could attest to your being in good financial standing, or possessing assets equivalent to a certain financial threshold. This process could be performed almost instantly.
But that’s just one simple application.
New models for online identity
Phase V is the most open-ended and speculative of the phases, but broadly speaking, this is where these new solutions offer a whole new realm of applications and use cases with the help of our ecosystem partners. This phase will also usher in an entirely new model for understanding online identity, one where “light” and “heavy” ID exist as ends of a spectrum rather than fixed, immovable concepts. With this binary becoming a spectrum, a whole new set of models for onboarding disenfranchised individuals open up.
This is how we need to be thinking about the future of trust online, and when we start to think along these lines, there’s no predicting just how liberatory and powerful the internet could ultimately be.