24 September 2017
Innovation and Transformation
Ajit Tripathi

Innovation and Transformation

Ajit Tripathi - PwC

9Posts 55,870Views 3Comments

Blockchain and The Seven Principles of Digital Identity

21 January 2016  |  6787 views  |  3

Let's Get Back to Productive Work:

The recent and very public departure of Mike Hearn from Bitcoin has temporarily distracted the broader Blockchain community from the three problems that the Fintech community is trying to solve. These are:

  1. What are the principles that govern the alleviation of distrust among partially rational actors with competing economic interests, thus permitting them to exchange value (otherwise known as economic activity).
  2. How do we prevent the pension of Average Joe and Jane Doe from disappearing into the abyss of the layers upon layers of fees levied by the stack of intermediaries in the investment process (otherwise known as disintermediation).
  3. What are the candidate technology & business architectures that'd allow this vision of a more efficient and fair economic architecture to be realised?

Meditate and Witness the Profound Truth...

As Mike clarified in his follow up blog post, R3 and Bitcoin are not competitors. R3 are looking to offer alternate technical architectures for regulated financial markets whereas Bitcoin has been built for censorship resistance in an extreme environment of distrust (otherwise known as the internet).

That begs the question. What does REALLY make Bitcoin unsuitable for regulated financial services. Is it anonymity? Is it censorship resistance? Something else?

The flip question is... what's the ONE thing that underlies the foundation of modern, regulated financial services?

That one thing is DIGITAL IDENTITY and here's why:

Finance = Money = Distrust => It's All About The (Not Yet) Bad Guy

Vinay Gupta of Ethereum has written a fascinating article on digital identity that I recommend everyone should read.

I, however, am a consultant... designed biologically to speak in bullet points whenever such an opportunity presents itself, and here I must let the bullets rain...

Beyond Reasonable Doubt

The harmonizing principle of law in the civilised world is... innocent until proven guilty, beyond reasonable doubt. Why is this principle so important? Does it stop the bad guys from doing bad things? Well it tries to but there's a lot more to it.

In the civilised world we don't punish people for thinking bad things (it's not the Minority Report here Steven) and the only bad guy is one that's done bad things. In fact, the value of this  one principle is that it stops the GOOD guys from doing BAD things, mainly to other GOOD guys.

Indeed, digital identity must meet the conditions that would serve to eliminate reasonable doubt.

The essence of Digital Identity (DI, not DUI) is that it must provide the legal basis for asset ownership, accountability for liabilities and dispute resolution in a civil or criminal court of law. For example:

  1. Default: If Jane Doe defaults on her debt obligations, I should be able to claim the money back through an orderly legal process (and not have to send a pack of strong men to Jane's home as some banks in emerging markets actually do!).
  2. Fraud: If Joe sells the house that actually belongs to Jane, Jane and the buyer Jade should be able to sue Joe and be made whole.
  3. Value Disputes: If Jane sells something to Joe at an unreasonable price, there should be a legal mechanism for Joe to dispute the price in the real world.
  4. Transaction Disputes: If Joe says he never gave the money to Joe, there should be a way to show that at least the data shows he did, or someone hacked in and did it as him.
  5. Sanctions: International law is not about fairness. It's about balance of power. If Joe sends money to North Korea and POTUS doesn't want him to, POTUS should be able to freeze his bank account, not someone else's bank account by mistake.
  6. Money Laundering: If Joe gets naughty and steals in taxes, he should have to apply extreme effort and creativity before he can use that money to buy that swanky villa in Vegas.

Let's Get Physical

Effectively DI is useless until NON-REPUDIABLY mapped to physical identity recognised by the applicable legal framework. 

This is Principle ZERO (being a developer too, my counting starts with zero sometimes).

Non-repudiable means I can't go to a court of law and say... HEY IT WASN'T ME (or in the case of Michael Jackson... THE KID IS NOT MY SON!!!).

Doing Bad Things to The Bad Guys

Maybe when I retire I will dwell upon the existential predicament of real world identity. Until then, let's pretend that Jean Paul Sartre was smoking something and For a person, physical ID simply means, well, that person's person that we can put in jail if necessary; and for a business that means a tax ID, certificate of incorporation etc. etc. that we can rescind, thus shutting the business down and causing the owners great pain... if necessary.

Here 'WE' refers to the government, the regulator, the courts... someone with power granted upon by some kind of a signed CONTRACT (e.g. a constitution or legislation or in the case of North Korea and Libya... by GOD).

The Demands of Non-Repudiability:

Non repudiability of Digital Identity requires the following attributes:

  1. Tamper proof storage: Naughty Joe can't overwrite Jane's digital passport and stick his name, date of birth, photo or address in there, for example.
  2. Strong Encryption: Joe can see Jane's data only if he is authorised (by some kind of a legal contract e.g. legislation, regulation or a bilateral contract). 
  3. Digital Signatures: Jane must ( do i love the term... non-repudiable) authorise all physical evidence that Jane's digital id is mapped to. This gracious act of mapping (association) not to be left to the NSA or GCHQ or Facebook.
  4. Data Permissioning: Joe can only see the data they are authorised to see (and not Jane's social security number for example unless Jane shall (non-repudiably) bless it upon him... maybe as a result of a date (or marriage... again a contract).
  5. Proportionate Evidence/Transaction Permissioning: Volume and Quality of Physical evidence (documentation, biometrics) supporting digital ID must be proportionate to the financial and nonfinancial risks involved in the relevant service. In other words, if I Joe's trading billions of dollars, you want a lot stronger physical evidence than if poor Joe's posting on instagram... i presume Joe's not posting 'that kind' of really bad stuff.
  6. Applicable Jurisdiction/Harmonisation of Standards: The applicable form and content of digital identity must be recognised by the applicable regulator (did I mention something about power...?) in the corresponding jurisdictions. Ie when Joe Yankee trades with Jane Yorkshirewoman, both the FCA and the FINCEN should be able to know who these fellas are and AGREE on what to do with them.

Blockchain for Blockchain

Now if these principles themselves point to something very blockchainy... maybe there's something to it. More on that later.

TagsSecurityRisk & regulation

Comments: (4)

Fergus Lemon
Fergus Lemon - PwC - London | 21 January, 2016, 16:30

Some interesting points in there Ajit.  Storing your ID on a blockchain has been mentioned a few times now but how do you ensure the on ramps onto the blockchain are trusted?  Still plenty of room for fraud and human error no? 

Any thoughts on how ZeroCash might fit into the current financial system....

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ajit Tripathi
Ajit Tripathi - PwC - London | 25 January, 2016, 16:39

Fergus, it's not just the ID. At a certain level, a market participant's financial identity also involves their behavior through history e.g. credit history/rating etc. Ramps on the blockchain are more trust-able if the owner of the data i.e. the consumer has more control over id and authenticate/sign the information they wish to provide.

ZERO Cash... zero knowledge proofs are still in the early days. Interesting space I am watching closely. More on that later.

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Stephen Wilson
Stephen Wilson - Lockstep Group - Sydney | 24 June, 2016, 23:24

What a lot of strident, almost religious nonsense. 

Mr Tripathi writes: "Effectively DI is useless until NON-REPUDIABLY mapped to physical identity recognised by the applicable legal framework. ... Non-repudiable means I can't go to a court of law and say... HEY IT WASN'T ME (or in the case of Michael Jackson... THE KID IS NOT MY SON!!!)". 

Technologists have to stop telling people what is useless about identity.  We do a pretty good job today identifying people online.  It's far from perfect and there is too much fraud, but clearly on averege we're all doing pretty well in the digital economy.  So why shout at us about the "essential" nature of a signature? 

"Non repudiation" was always a technologist's ill-informed fantasy about how courts work.  The idea of NR has been rejected over and overby actual lawyers through the first 10-15 years of PKI. It's funny that the idea has resurfaced in blockchain discourse, but tragic that consultants are still writing about it in fantastical terms. 

Nothing will ever stop someone going to court to dispute a signature.  Even if I apply a digital signature myself, fully consciously, I might find myself disadvantaged somehow, and seek remedy in the legal process.  Perhaps my digital signature software didn't properly render the transaction, or was simply buggy? Perhaps the contract was unconscionable?  Perhaps I was coerced or under duress?  

Non repudiation is non-sensical. Get real people. 

Be the first to give this comment the thumbs up 0 thumb ups! (Log in to thumb up)
Ketharaman Swaminathan
Ketharaman Swaminathan - GTM360 Marketing Solutions - Pune | 25 June, 2016, 17:33

@StephenWilson:

You've nailed it. Regulatory filings for a company in India have to be signed digitally by the company's director. The procedure for doing this is utterly farcical: My outsourced agency sends me a digital signature file as an email attachment. I double-click it and run it on my PC. Then I sign the bunch of PDF files and upload them to the regulator's website. I asked the agency what would happen if the said email were to go to someone else, would that someone else be able to run the software on their PC and digitally sign the PDFs as me? They told me, "Oh, we're a chartered secretary firm, sorry we can't answer your IT questions"!

As a result, I've never felt comfortable with digital signatures. If ever I get disadvantaged on my regulatory filings, I'll describe this farcical procedure to challenge non-repudiation in a court of law.

1 thumb up! 1 thumb up! (Log in to thumb up)
Comment on this story (membership required)

Latest posts from Ajit

PSD2 aka Payment Services Directive 2: Identity, Reputation, Security and Privacy

08 June 2016  |  6309 views  |  5 comments | recomends Recommends 2 TagsPaymentsEBAday

Blockchain and The Seven Principles of Digital Identity

21 January 2016  |  6787 views  |  3 comments | recomends Recommends 0 TagsSecurityRisk & regulation

Blockchain: An Informal Investigation of Strategic Competition for Profit Pools

13 December 2015  |  1369 views  |  0 comments | recomends Recommends 0 TagsPost-trade & opsInnovation

Blockchain Standards Can Fix FOMO and FUD

18 October 2015  |  4698 views  |  2 comments | recomends Recommends 1 TagsBlockchainRisk & regulation

Ajit's profile

job title Director, Fintech and Digital
location London
member since 2014
Summary profile See full profile »
Director, Blockchain & Analytics. All views and opinions expressed here are strictly mine and bear no connection to my employer, our clients or vendors.

Ajit's expertise

Member since 2014
9 posts3 comments
What Ajit reads
Ajit's blog archive
2016 (3)2015 (3)2014 (3)

Who's commenting on Ajit's posts