Identity and
blockchain tech
How digital identification management systems could be
transformed with blockchain technology.
1
WITHIN 24 HOURS
Webinar recording will be distributed
The presentation will also be sent to you.
Feel free to share with colleagues. The
resolution of some slides may be suboptimal
due to the webinar software. Those slides will
look fine in the presentation that we send you.
http://support.citrixonline.com/en_US/Webinar
2
JOIN THE CONVERSATION ON TWITTER
@cbinsights
@arieh313
#identityblockchain
3
WHO WE ARE
The technology market
intelligence platform.
CB Insights software lets you predict, discuss,
and communicate emerging technology trends
using data in ways that are beyond human
cognition. We are a leader in the Expert Automation
& Augmentation Software (EAAS) space.
4
TRUSTED BY THE WORLD’S LEADING COMPANIES
“We use CB Insights to find emerging trends
and interesting companies that might signal a shift in
technology or require us to reallocate resources.”
Beti Cung, Corporate Strategy, Microsoft
5
The Disruption of
Financial Services
The Future of Fintech is an exclusive
gathering of the world's largest financial
institutions, best fintech startups, and
most active venture investors.
New York, NY
June 19-21, 2018
6
ABOUT THE ANALYST
Arieh Levi
Tech Industry Analyst
@arieh313 | alevi@cbinsights.com
Arieh Levi is a tech industry analyst at CB Insights, where he produces
data-driven analysis and research reports on private company financing,
exit and performance trends across emerging industries, geographies, and
investors – specifically, blockchain, and fintech.
Prior to joining CB Insights, Arieh held roles in healthcare and financial services.
Arieh is a summa cum laude graduate of Yeshiva University.
Arieh’s most popular research:
What Is Blockchain Technology?
Blockchain Investment Trends In Review
Coinbase Strategy Teardown
7
Contents
9
Digital identity isn’t working
28
Identity on a blockchain?
43
Where we stand today
51
Where we’re headed next
Image source: Peter Steiner, The New Yorker
8
TODAY
Digital identity
isn’t working
9
How users currently establish identity online
1
2
3
TRADITIONAL IDENTITY
TRADITIONAL IDENTITY,
DIGITIZED
BROKERED IDENTITY
Traditional forms of identity – like SSNs
or birth certificates – still hold weight in
much of the developed world, but are
increasingly insecure.
Attempts at digitizing traditional forms
of identification – like India’s Aadhaar –
(and placing them in secure, central
databases) have found mixed success,
and are a “honeypot” for would-be
attackers.
Companies (like FAMGA) that offer free
services in exchange for personal data
have acquired billions of users, but now
find themselves as brokers of key
information and personal identity.
10
1
2
3
TRADITIONAL IDENTITY
TRADITIONAL IDENTITY,
DIGITIZED
BROKERED IDENTITY
Traditional forms of identity – like SSNs
or birth certificates – still hold weight in
much of the developed world, but are
increasingly insecure.
Attempts at digitizing traditional forms
of identification (and placing them in
secure, central databases) have found
mixed success, and are a “honeypot” for
would-be attackers.
Companies (like FAMGA) that offer free
services in exchange for personal data
have acquired billions of users, but now
find themselves as brokers of key
information and personal identity.
11
How do we prove
our identities?
In the US, a Social Security
Number is generally the
most accepted (and
government-approved) way
to prove identity; you need
one to open a bank account
or buy a home.
Ironically, SSNs were never
intended to be used for
identification purposes.
This language
was removed
beginning in 1972
12
Physical identifiers
are no longer
adequate
Identity information is for sale on the dark web
For one, we live in an
increasingly digital world.
For another, traditional
forms of identification are
increasingly coming under
attack (with the Equifax hack
exposing the SSNs of 150M+
Americans), and are often
offered for sale on the dark
web.
Source: IBM X-Force, SecureWorks
13
NEW RULES AFTER EQUIFAX BREACH EXPOSES 150M+ AMERICANS
“When you look at things like the Equifax breach – and the other
waves of breaches that have seen the full suite of consumer
information go out the door – accounts being taken over is
becoming a less challenging threat than fraudulent accounts and
synthetic identity frauds, where stolen data is attached to fabricated
accounts and identities.”
Brian Krebs
Krebs on Security
14
1
2
3
TRADITIONAL IDENTITY
TRADITIONAL IDENTITY,
DIGITIZED
BROKERED IDENTITY
Traditional forms of identity – like SSNs
or birth certificates – still hold weight in
much of the developed world, but are
increasingly insecure.
Attempts at digitizing traditional forms
of identification (and placing them in
secure, central databases) have found
mixed success, and are a “honeypot” for
would-be attackers.
Companies (like FAMGA) that offer free
services in exchange for personal data
have acquired billions of users, but now
find themselves as brokers of key
information and personal identity.
15
India skips physical, goes straight to digital
India hopes to leapfrog physical identification by putting the information
of 1.3B citizens in its government-run database, Aaadhaar. Aadhaar
allows users to grant and revoke access to personal data.
A user registers
biometric data for
Aadhaar
16
The Indian constitution does not mention
a “right to privacy”
Total population
of India:
Current number
of Aadhaar IDs:
1.3B
1.1B
17
Aadhaar is controversial, and a target for hacks
Why India’s Big Fix is a Big Flub
January 21, 2018 |
18
1
2
3
TRADITIONAL IDENTITY
TRADITIONAL IDENTITY,
DIGITIZED
BROKERED IDENTITY
Traditional forms of identity – like SSNs
or birth certificates – still hold weight in
much of the developed world, but are
increasingly insecure.
Attempts at digitizing traditional forms
of identification (and placing them in
secure, central databases) have found
mixed success, and are a “honeypot” for
would-be attackers.
Companies (like FAMGA) that offer free
services in exchange for personal data
have acquired billions of users, but now
find themselves as brokers of key
information and personal identity.
19
FAMGA: The internet’s identity brokers
The world’s largest technology companies have built platforms with billions of users
worldwide, making them some of the most dominant brokers of digital identity.
“Systems and methods for
accessing multiple resources
via one identifier”
Patents
“Fraud prevention based on
user activity data”
20
FAMGA places bets on identity technology
Select strategic identity investments and acquisitions by Facebook, Amazon,
Microsoft, Alphabet (Google), and Apple. 2015 – 2018 (02/07/2018)
Indicates
acquired
21
Amazon focuses on patents, internal projects
While lacking direct investments, Amazon has pursued identity-focused
patents and launched Macie, an AWS tool to protect sensitive data
that includes PII (personally identifiable information).
“Fine-grained structured
data store access using
federated identity
management”
Patents
“Transaction completion
based on geolocation
arrival and user
identifiers”
22
Incumbents and startups offer “federated” identity
Federated identity use cases are most common online and include:
social login, web based single-sign-on (SSO), and password managers.
Password free login
Universal identity platform
Token based identity
Centralized identity gateway
23
LOSING CONTROL OF PERSONAL DATA
“No private company owned the protocols that defined email or
GPS or the open web. But one single corporation owns the data
that define social identity for two billion people today — and
one single person, Mark Zuckerberg, holds the majority of the
voting power in that corporation.”
Steven Johnson
Author, “Beyond the Bitcoin Bubble”
24
Swaying elections with Facebook data
Calls For Facebook to Testify to Congress
Are Growing Louder – and Bipartisan
March 19, 2018 |
25
GDPR protects European Union citizens
The General Data Protection Regulation (GDPR) is a law that requires businesses to protect the
personal data and privacy of EU citizens. GDPR covers “any information… that can be used to
directly or indirectly identify” a citizen, and offers citizens the “right to be forgotten.”
26
WHAT DOES TOMORROW LOOK LIKE?
The future of consolidated identity
A shift is taking place from multiple credentials to the creation of a single credential
that can serve in all instances where personally identifiable information is required.
Where we are now
Consolidating digital
identity credentials
Merging online and
offline identities
A single credential
for all activities
27
WILL IT BLEND
Identity on a
blockchain?
28
Major challenges with digital identity today
1. Users: How can a user own his or her own digital identity in a
way that maintains privacy and permits only the right
organizations and individuals to access, store, analyze, or
share it?
2. Enterprises: How can an enterprise identify and authenticate
customers, build a profitable data moat, and comply with user
privacy regulations?
3. Governments: How can governments create identity
management systems that balance convenience and both
user and national security?
29
What does ideal identity management look like?
1. Personal: unique to the user
2. Persistent: lives with the user from life to death
3. Portable: accessible anywhere the user happen to be
4. Private: only the user can give permission to use or view data
Source: ID2020
30
Could a blockchain
provide identity
management?
A blockchain is a type of
distributed database that
allows untrusted parties to
reach consensus on a
shared digital history,
without a middleman.
A distributed database
eliminates a single point of
attack, and makes
blockchains highly secure
and highly reliable sources
of truth.
31
BLOCKCHAIN AS THE KEY TO USER-CONTROLLED IDENTITY
“Imagine a world where you are in direct control of your personal
information; a world where you can limit and control how much
information you share while retaining the ability to transact in the
world. This is self-sovereign identity, and it is already here. Blockchain
is the underlying technology paving the path to self-sovereign
identity through decentralized networks.”
Jerry Cuomo
VP of Blockchain Technologies, IBM
32
Two schools of thought for identity
management on a blockchain
1
2
USER-CONTROLLED IDENTITY
IDENTITY ATTESTATION
The user controls their own identity without relying on a
centralized database of identity credentials, and without
the possibility of forfeiture, erasure, or deletion.
Centralized identity credentials (SSNs, birth
certificates) that are attested to by users and thirdparties on a decentralized database.
Source: A First Look at Identity Management Schemes on the Blockchain
33
Pre-existing credentials aren’t necessary
to establish identity
1
USER-CONTROLLED IDENTITY
The user controls their own identity without relying on a
centralized database of identity credentials. Like a new
social media profile, the user can create a digital identity
without providing pre-existing identity credentials.
Source: A First Look at Identity Management Schemes on the Blockchain
34
IDENTITY AS A KEY TO A NEW, DECENTRALIZED INTERNET
Funding
$57M
Blockstack Labs is building a new
internet protocol where users control
their data and decentralized apps run
independently on users’ devices.
By eliminating the traditional model
of centralized servers and cloud
services, the company hopes to
remove middlemen and central
network attacks, effectively changing
the nature of internet privacy.
35
REGISTERING IDENTITY ON THE ETHEREUM BLOCKCHAIN
uPort is part of Ethereum’s
Consensys development
outfit, and is building a
mobile wallet that will allow
users to issue and revoke
access to identity credentials
at will.
The company is working with
the city of Zug, in Switzerland,
to register identities on the
Ethereum blockchain.
36
A USER-CONTROLLED IDENTITY STACK, BUILT FOR ENTERPRISES
Funding
$7.3M
Evernym is working with enterprises
to establish digital IDs for credit
unions (partnering with CULedger)
and broader financial services on
top of its self-sovereign identity
network, Sovrin.
Sovrin is a non-profit established to
govern a distributed identity network
as a global public utility; nobody
owns the Sovrin network.
37
Pre-existing credentials are needed to establish
identity – and attested to on a blockchain
2
IDENTITY ATTESTATION
Centralized identity credentials (SSNs, birth
certificates) that are attested to by users and thirdparties on a decentralized database.
Source: A First Look at Identity Management Schemes on the Blockchain
38
How does attestation work on a blockchain?
A 3rd party
service verifies a
user’s identity
Verified digital
credentials (or a
digital pointer)
are placed on a
blockchain
An institution
asks a user to
provide identity
credentials
Provided Identity
credentials are
checked against
the blockchain
The records
provided match
the records on
the blockchain,
and the user’s
identity is verified
39
USING BLOCKCHAIN TECHNOLOGY TO PROVE IDENTITY OF BANKING CUSTOME RS
Funding
$74M
SecureKey’s Verified.Me helps
banks prove user identity
(toward KYC/AML) with
attestation via a blockchain.
Among other partnerships, the
company is working with IBM
to build a digital identity
network for Canadian banks.
40
BLOCKCHAIN-BASED BIOMETRIC DATA TOWARD KYC/AML COMPLIANCE
Funding
$36M
Civic enables users to share and
manage their verified identity
data (including biometric data)
via a blockchain.
Civic’s platform provides multifactor authentication without a
username or password.
41
ID2020 partners look to register citizens at birth
Microsoft, Accenture, and Avanade have dedicated resources to a blockchain-based identity system
as members of the ID2020 alliance. ID2020 hopes to piggyback on existing systems – like
immunization programs – to register citizens of developing countries at birth.
42
REALITY CHECK
Where we
stand today
43
Blockchain and identity face unique obstacles
GOVERNMENTS AND
INSTITUTIONS WANT
TO MAINTAIN CONTROL
USERS DON’T CARE
ENOUGH TO SWALLOW
SWITCHING COSTS
A blockchain might cut governments
and corporations out of identity
management, and could shift the
balance of power toward the user.
While data privacy and identity portability
are lofty and idealistic goals, users might
not want to switch to blockchains with
limited network effects.
44
A tug of war between users and institutions
Governments and institutions closely hold their data stores, and don’t have any
incentive to interoperate and create portable identity. For users, switching to a
blockchain for the sake of privacy or portability will come at a high cost.
Source: The Information
45
Blockchain
technology solves
a specific problem
Ledgers
Blockchain technology
makes sense when a 3rd
party isn’t trusted to
administer the record.
Distributed
Ledgers
However, would a
government agree to
relinquish that control, or
would a corporation (like
Google or Facebook) be so
quick to open its walled
garden?
Blockchains
Source: Tim Swanson
46
Distributed ledger
technology as an
alternative
If a trusted 3rd party could
administer the ledger, then
a blockchain would be
unwieldy, slow, and a poor
solution.
Do you need a blockchain?
Do you
need a
ledger?
Are there
multiple
writers?
Do you
trust a 3rd
party?
Are all
writers
known?
Possible
blockchain
implementation
Are all
writers
trusted?
Governments are more
acutely interested in the
power of DLT for identity,
and not necessarily
blockchain technology.
Do you
need to
verify
publicly?
(permissioned,
permissionless,
public, private)
No blockchain
(possible DLT)
Source: Do You Need A Blockchain
47
For governments, distributed ledgers are just
one possible solution
Blockchain and
DLT technology
sit here
Source: World Economic Forum
48
A SINGLE, UNIVERSAL IDENTITY COULD BE AN ORWELLIAN NIGHTMARE
“A trusted entity will need to establish some legal and enforceable rules and policies for
how it all works, they’ll need to make it easy for the average person to use securely, and
they’ll need to convince a critical mass of people and service providers to adopt and
trust the ID — all while finding an economically viable business model. Some institutions
are uniquely positioned to solve all of these chicken-and-egg issues at once and bring this
big idea to life — first among them are our citizen-facing government agencies… The
trouble with this idea is that a universal ID poses risks to privacy and hence [could]
encounter significant political opposition.”
Charles Race
President at Okta, Inc.
49
Blockchain technology could make China’s
“social credit” system even creepier
China’s “social credit” is calculated based
on citizens’ credit and payment history, as
well as their loyalty to China’s ruling
communist party. Most recently, China
announced that citizens with bad social
credit would be barred from buying plane
and train tickets.
A distributed ledger controlled by the
Chinese government could make such a
system even more efficient – and dystopian.
50
N+1
Where we’re
headed next
51
The next frontier of blockchain-based identity
1
2
3
NATIONAL IDENTITY
IDENTITY OF THINGS
A NEW INTERNET
Governments are exploring what
distributed identity might look like,
starting with birth registrations with
potential to expand to credit ratings.
Beyond identification solutions for
people, blockchain could be used to
attest identity for objects and act as a
network for the internet-of-things.
If users can own their data and identity,
they can also rebuild the internet from
the ground up – emphasizing privacy
and open borders.
52
1
2
3
NATIONAL IDENTITY
IDENTITY OF THINGS
A NEW INTERNET
Governments are exploring what
distributed identity might look like,
starting with birth registrations with
potential to expand to credit ratings.
Beyond identification solutions for
people, blockchain could be used to
attest identity for objects and act as a
network for the internet-of-things.
If users can own their data and identity,
they can also rebuild the internet from
the ground up – emphasizing privacy
and open borders.
53
Governments are exploring distributed identity
Estonia is using DLT to modernize the country’s data registries, and offers e-residency to citizens of
other countries. Meanwhile, Illinois is partnering with Evernym to place birth registrations and other
credentials on a blockchain, but has found challenges with scalability, privacy, and interoperability.
54
1
2
3
NATIONAL IDENTITY
IDENTITY OF THINGS
A NEW INTERNET
Governments are exploring what
distributed identity might look like,
starting with birth registrations with
potential to expand to credit ratings.
Beyond identification solutions for
people, blockchain could be used to
attest identity for objects and act as a
network for the internet-of-things.
If users can own their data and identity,
they can also rebuild the internet from
the ground up – emphasizing privacy
and open borders.
55
If people can be identified, so can things
Everledger has put over 1.6M diamonds on a distributed ledger, cutting costs for players throughout
the supply chain. The company recently announced a partnership with Dharmanandan Diamonds, an
Indian diamond manufacturing company.
56
1
2
3
NATIONAL IDENTITY
IDENTITY OF THINGS
A NEW INTERNET
Governments are exploring what
distributed identity might look like,
starting with birth registrations with
potential to expand to credit ratings.
Beyond identification solutions for
people, blockchain could be used to
attest identity for objects and act as a
network for the internet-of-things.
If users can own their data and identity,
they can also rebuild the internet from
the ground up – emphasizing privacy
and open borders.
57
A DECENTRALIZED INTERNET, WITH THE USER IN CONTROL
Funding
$4.7M
Orchid hopes to create an
internet free of surveillance
and censorship, with internet
traffic routed randomly
through a network of
contributors who share
surplus bandwidth.
SELECT INVESTORS
Andreessen Horowitz, Compound,
Metastable Capital, Polychain Capital,
Sequoia Capital
58
Questions?
Twitter: @arieh313
alevi@cbinsights.com
59
WHERE IS ALL THIS DATA FROM?
The CB Insights platform has the
underlying data included in this report
CLICK HERE TO SIGN UP FOR FREE
60
cbinsights.com
@cbinsights
61
Students should cite any material taken directly from other sources including the Internet, and not represent it
as their own. Failure to do so may result in a failing grade.
Class Expert - Oral Reports - In addition to the written reports, each 2-3 person subgroup will be assigned a
"class expert" subject to research and present to the class. The purpose of this oral report is to expose students
to topics related to the course material and make students more comfortable presenting to an audience. If
possible, students should attempt to relate their topic to the current subject matter but, not all subjects are
appropriate for that exercise. Students should prepare a minimum of 5 minute but, maximum of 10 minute
presentation (powerpoint suggested with no more than 10+/- slides) giving the class an overview of the subject,
how and why it is used and strengths/weaknesses. The data sources provided in the syllabus should be
considered a starting point for research. +
I
Team Case Analysis Assignments: -
1) Team Case Analysis Presentation – We will review case studies (available in the course pack) starting in the
middle of the semester. On case study days, two teams will deliver a PowerPoint-based presentation (15-20
minutes, with an additional 10 - 15 minutes of Q&A). -
Purchase answer to see full
attachment