← View all posts
2019-08-23

EOS dApp Ecosystem: Secure Digital Identity - Episode 2

Article credited to cryptomandate and provided by EOS GO

One of the major obstacles preventing the mass use of blockchains has been regulations. Many of the regulation bodies express that KYC (Know Your Customer) and AML (Anti-Money Laundering) procedures need to be implemented on users. Which brings a dilemma for both the user and the dApps (decentralized applications) providers. After all, the pxoint of decentralized systems is to break free from traditional means of transacting and to safe guard the user from centralized authorities.

eos-dapp-ecosystem-secure-digital-identity-big

That is why people flee from exchanges and projects that suddenly require you to provide your government issued ID for verification. Simply because once the government knows your identity then they could prevent you access to any of your funds and assets which defeats the purpose of a decentralized system. People want to own their identities and that ties into complete ownership and responsibility of one’s assets. For better or worse.

Governments want oversight and the people want privacy. This has been the conflict for decades now and without a reasonable alternative the people have had no choice but to confer, especially in the digital world (internet) where their options are limited. Practically every website that accepts payments on the internet requires a debit/credit card. Well cryptocurrencies solved that first part, the question now is about identity. The solution might be here.


Block.One’s solution

In case you didn’t know, Block.One is a company that built the EOS software/blockchain and basically gave it away to the EOS community to build and improve upon as open source. They are heavily invested in EOS and dedicate their resources into bringing new tools, projects and solutions that provide value for the blockchain. Led by CTO, Dan Larimer, they’ve come up with a possible solution to KYC and AML concerns without necessarily exposing users’ personal information.

Their solution to this problem is a new and possible game changing ‘digital identity’ to which they’ve secured a patent. It seems like the patent covers everything about how this sovereign-less identity will function to a point where it is going to be difficult for anyone trying to implement a similar technology without infringing on the patent. I’ll leave a link to the patent at the end of this article.

Unlike other forms of digital identities in the world today this solution will be independent from government issued forms of identity such as ID cards or drivers licenses. It may even be more secure than biometric (fingerprint, eye etc.) forms of identification and definitely much safer. I don’t speak legalese or technicalese, but to the best of my understanding I’ll explain in simple English how this innovative tech will work. The following may be paraphrasing on some meanings and wording from the patent.


The specifications and operations

The aforementioned patent document covers systems and methods for creating a secure and verifiable digital identity. The patent defines an identity as a form of signature that can be used to authorize activities online such as social media, games and financial institutions etc. Without the need for existing documents, cellphone numbers or email a user is able to generate their own unique digital identity.

To do this a user needs a device, such as a smartphone and have a private key tied to that device. The private key will be kept in the hardware/operating system of the device thus applications on it will run in a secure system. Since the private key and device are inter-connected, inputs made through the device’s GPS sensor, camera or microphone can be verified to you by the operating system or the app’s developer. The operating system will only allow applications with trusted and verified developers to be executed providing for further security. This leads me to believe that any platform that needs to interact/access this identity system will have to run on top of the EOS blockchain.

On a quick side note. This digital identity reminds me of the ‘Extension Authenticator Reference Applications’ that was released in late May of this year. It allowed iOS and Chrome users to sign in and approve transactions from web (safari/chrome) or mobile (iOS) applications. It may have been the catalyst to this more extensive digital identity. (linked below)

To create their secure and verifiable digital identity a user then needs to take a picture of themselves on the device that has the private key which confirms the visual identity of this user. The more pictures a user takes on this device the more reliable their identity is along with the private key. A further step would be for you and a friend to both take pictures of yourselves at the same time and on different devices with different private keys. The facial recognition would then confirm each of the pictured users’ identities. This makes it harder for identity thieves to forge your identity because they would need to replicate your relationships in order to steal your identity.

Remember your private key and device are pretty much one and the same so when you take a picture it logs the time and location of where the picture was taken. The visual cues (face) verifies that you are indeed the person who was in that location. Now imagine someone halfway across the world tries to access applications or create new accounts using your identity. This would clearly raise a red flag because you can’t be in two places at the same time. At least not until a reasonable amount of time has passed for you to have travelled that far. Your identity is uploaded on a secure but verifiable blockchain including images, videos and audio.


The Bad

At this point the stakes are high. We already know governments and Facebook have this data on us but do we want to risk more people getting access to our private information, who may be more malicious with such information? Of course we don’t. Not only can this data affect us in the digital world but in the real world too.

It doesn’t make it easier knowing blockchains have been compromised before with funds, data or other information stolen. Most of the times the vulnerabilities come from 3rd party apps such as exchanges. Although the EOS blockchain hasn’t experienced any successful hacks on it. It does help that Block Producers have the ability to freeze accounts with suspected stolen funds.

This is beyond money, its identity and hopefully Block.One can shed some light on the security of this initiative. Can bad actors gain access to our personal information through 3rd party applications like in current systems or will there be a different blockchain to securely store this information away from prying eyes? These are all the questions we as a community should ask and hope to get them answered in the coming weeks.


The Good

This idea is a game changer and if it can be implemented it will set the new standard in the digital world, not only on the Blockchain but across the internet. One of the biggest problems facing dApps and other platforms is the use of bots. They disrupt performance and contribute to the collection of inaccurate data of operations. Bots are responsible for some pumps and dumps on exchanges, fake volume, falsified transactions, and fraud amongst many other things.

Block.One is building the new infrastructure for an internet 2.0 at a such a fast pace that it flies past most people’s view especially those not involved with EOS. The new internet will be connected to such a point where people will live most of their lives on it through means such as virtual reality. It’s pleasing to know that this digital identity is spear heading ahead of this new digital world. In a world where shopping, gaming, schooling, exercise, socializing etc. are all done metaphysically on the internet, Block.One and EOS are already on the forefront with its most critical tech – a Secure Digital Identity.

As I mentioned before the patent for this tech looks to be airtight so if any entity or individual wants to partake in this digital world securely they would most likely need to do so through the EOS blockchain. This sounds like mass adoption is on the way for EOS. If Block.One maintains its current pace on innovation this will happen in no time.


Conclusion

I know there are many companies that are trying to lead this race to a new internet but they’re already at a disadvantage because they rely on traditional technology. The blockchain is a tech that many of these tech giants are only just now trying to figure out. Companies like Facebook have come the furthest in this regard but still can’t compete because their systems are still centralized and thus have a limited input.

On the opposing side EOS is an open-sourced and decentralized project on which many talents across the world contribute to its growth. Companies like Block.One are fully invested in the blockchain and spend all their resources on it. Also leading the company are some of the world’s best blockchain talents with years of experiences on their belts.

Testament to this is the amount of hiring happening across all segments in Block.One and as we speak there are currently 70+ new open positions for top talent in the company. They have an abundant and very capable legal team to steer the company through global regulations as well as creating airtight patents like this one.

The path for EOS is a highway. Many companies are contributing to the ecosystem in so many different ways that it’s hard to keep track with all of them. Some of these companies are going to replace their traditional counterparts as blockchain gains more popularity. The companies that refuse to adapt to this change will be rendered obsolete. Right now we can see the core fundamental technologies for the operations of the new internet being implemented to EOS. Whilst its competitors such as Ethereum, are still struggling with the same problems dating 3 years back.

Hopefully this summary of the entire patent was sufficient and simple enough to get the point across as intended. This article is only the second of many articles I plan on writing about the EOS dApp ecosystem covering everything from core blockchain updates to in-depth reviews of dApps in a much simpler way that anybody can understand. This series of articles will also focus on the dApps that are greatly contributing to the health and growth of the EOS blockchain; there’s many of them.

Until the next one,

@cryptomandate


Disclaimer: The views expressed by the author above do not necessarily represent the views of EOS GO. EOS GO is a community where EOS GO Blog being a platform for authors to express their diverse ideas and perspectives. To learn more about EOS GO and EOS, please join us on our social medias.

EOS GO Telegram - EOS News Channel - Twitter


EOS GO is funded by EOS ASIA and powered by YOU. Join the community and begin contributing to the movement by adding eos go to your name and joining the EOS GO telegram group.

Join Telegram