Much of human progress has been based on our ability to build trust and cooperate, and this has rung true throughout the ages. But it’s hard to build trust when our communities are growing ever larger. We still rely on face-to-face interactions to open bank accounts, but this doesn’t scale in today’s online world. Trust brokers have developed to help expand global trade. More recently, credit bureaus have underpinned our global economy. These bureaus were created 150 years ago, when two brothers started selling a “little blue book” to grocery stores. Inside, grocers could find a log of trusted people, which would include your name, your profession and whether you paid your debts on time. These logs were consolidated, eventually growing into the centralized credit bureaus we know today.
I first came across the downside of not being in the “trusted” bucket when I turned 10 and my parents moved from Iran to the U.K. I remember them not being able to rent or open a bank account for many months. This concept of not having the access others have and being excluded because your name wasn’t on “the list” was confusing to me as a kid, and it later inspired me to start a company focused on making identity the key to access. Twenty years on, the credit bureau system still baffles me for a few key reasons.
Let’s first consider that half of the world’s adult population is underbanked or unbanked and doesn’t have a credit bureau record. This means they are excluded from accessing basic services and also financially penalized. For example, some have to pay up to 16% in remittance fees, rather than the approximately 1% that those with access can enjoy. Is that fair?
Access and exclusion are only the start. Although the credit bureaus are paid to stop fraud, they unintentionally make it worse by aggregating all the data fraudsters need in one centralized honeypot, which is then at risk of being hacked — incidents which are becoming all too common. When the trust brokers are broken, the money launderers win. It’s estimated that up to 5% of the world’s GDP is made up of laundered money (used in terrorist financing, human/drug trafficking, etc.), and less than 1% of this is seized by authorities. This is a shameful stat. Which other industry has a 99% failure rate?
Privacy is the third concern. People don’t necessarily know or consent to the huge amount of data held on them by bureaus. Frankly, they often find it creepy. The issue here is that every service we want to access has to hold a lot of information on us, which exponentially increases the likelihood of our data being stolen. It’s no wonder identity theft is the fastest-growing crime, with 1 in 3 U.S. adults having been a victim. Data is power, and call me a skeptic, but what worries me more is an Orwellian world where our data is used systematically against us. We shouldn’t forget that during World War II, data — details on identity, heritage and religion — was used to identify people to horrific ends. Most recently, in China, data is being used against its citizens.
Over the coming years, I believe everything that we’ll access will be based on our ability to easily and securely prove our legal identity. Anyone in the world, once onboarded with a photo of their government ID and face, will be able to access all services seamlessly — everything from opening a bank account to checking into a hotel and ultimately voting. Fundamental to this convenience is the ability to reuse our verified identity across multiple services.
My cofounders saw this as an opportunity to build our business, and we’re not alone in our goal. There are other companies doing innovative things in this space, such as Microsoft and the decentralized network that it’s building on top of public bitcoin blockchain — with the goal of removing the control that apps, services and organizations have over digital identifiers such as email addresses and usernames.
Deloitte, uPort, Evernym and Signicat are working on the portability of consumer identities in the financial services sector. In April, they were accepted into the U.K.’s FCA Regulatory Sandbox, a group my company is a part of, to test how decentralized identity can facilitate personal data sharing between financial institutions.
Another company, Shocard, stores your identity within a blockchain so that you can prove your identity whenever you need to. Its system works across financial institutions, so users already credit scored for a bank account with one company can then choose to share their credentials and approval with other organizations in their network, accelerating credit card or mortgage applications.
It’s clear that a strong ecosystem of companies and organizations is coming together to grow, bring attention to and build out a series of technologies that will make portable identity a reality.
So, how can your organization best prepare for the arrival of portable identity?
First, as a learning organization, start discussing the trends around fraud, as well as the consumer demand for both privacy and seamless experiences with cybersecurity tools. Second, start envisioning what future customer experiences with your organization could look like, say, in five or 10 years. How could you implement portable identity in these experiences, and what would portable identity demand of your platform?
Lastly, you can get involved in the transition to portable identity by taking part in the creation of common standards with organizations such as the Decentralized Identity Foundation and the FIDO Alliance, two organizations my company is a member of, or the Self-Sovereign Identity Incubator.
