A Solution Looking For A Problem? NOT!
David Birch
International keynote speaker, author, advisor, commentator and investor digital financial services. Recognised thought leader around digital currency, digital ID and digital assets. Follow dgwbirch.bsky.social
When it comes to exploring new technologies, it is common to hear the phrase “a solution looking for a problem” thrown around the boardroom. Sometimes it’s hard to distinguish the use cases from the useless cases: The idea that fire departments, for example, might use the blockchain to fight fires more effectively than by using a database (one of my favourite useless cases) might reasonably be criticised in this context.
When it comes to the new technologies of identification, authentication and (in particular) authorisation though, this criticism is wholly misplaced. In the identity world, we have not one but a million problems looking for the same solution: Digital identity.
A million? Yes, I am confident in this prediction. Here in the UK, a woman who took around 150 driving tests for other people has just been jailed for eight months. It seems to me that if the driving licence test centres are incapable of determining the correct identity of their customers, there is absolutely no possibility of (for example) volunteers at polling stations validating the identity of voters.
I can illustrate this with the story of a pilot who was sent to prison?in Britain for lying about his flying experience to get a job with British Airways. The fraudulent flyer entered false details and altered entries in his flight logbook so that he could appear more experienced than he actually was. He got the job and was flying for two years before he was found out.
Two years!
Now, it’s one thing to lie about credentials to get a job flipping burgers but it’s quite another thing to lie about being able to drive or being a police officer or qualified as an anesthesiologist or as a pilot.
But how can someone prove that they are a police officer or a pilot? The police in London are thinking about adding QR codes to their identification cards but I don’t know if that will be good enough?as QR codes are too easy to copy. In any case right now there are at least 2,000 police identification cards that are missing and could be used by anyone, since there is no authentication.
The lack of any identity infrastructure is manifested in the out-of-control fraud we see on both sides of the pond. The fact that Miami street gangs are now competing to control identity theft instead of boring old guns and drugs tell us that we are long overdue a practical identity infrastructure.
VCs
The general problem statement here is, not about proving who you are but about proving what you are. I need to know you have a line of credit, a pilot’s licence or a diploma from a top ten dental school. I do not care who you are, unless something goes wrong, in which case law enforcement or professional bodies take over.
Here, then, there is most definitely a problem looking for a solution and we already know what the solution is: verifiable credentials (VCs).
It should be quite straightforward. You walk into the doctor’s surgery and there is a certificate on the wall. You tap the certificate with your phone (or scan a QR code on the certificate) and your phone either shows you a picture of the doctor, if the qualification is valid, or a big red cross if it is not valid. If the process is anything more complex than that, it cannot help the general public.
领英推荐
Given the evolution of smartphones, contactless interfaces and verifiable credential standards, this takes us beyond tap-to-pay and towards what Jerry Fishenden calls the “tap-to-prove” world, which I think we need to get to as soon as possible. We are undoubtedly making some steps in the right direction here: For example,?The Post Office and Yoti have become the first government-approved digital ID providers, allowing UK citizens to prove their identities with an app instead of physical documents for the specific purposes of applying for a job or renting a property.
Mass Market
I rather like the tap-to-prove idea, because it introduces the possibility of a standardised mechanism for demonstrating credentials not only at the technological level but also at the human level. Identity experts often talk about the need for a “ceremony”. It’s a concept I rather like: It means that the actions that two people need to take in order to engage are well-known to both of them so that it provides confidence in the outcome. If the same ritual is applied in all circumstances and venues, then not only do you begin to do it automatically but if someone asks you to do something out of the ordinary, your suspicions are aroused.
This is what I mean by ceremony. If you go into the bar, you tap your phone on the doorman’s phone and the doorman gets confirmation that you are over 21 and you get confirmation that the doorman is licensed by the city to perform such a function.
It is one thing to have the digital identity infrastructure that we need to function in the modern world, another thing to make it deliver for the populace. Ceremonies are a way to do this.
Book Dave
Are you looking for:
Vice President of Solutions Architecture at Prescryptive Health, Inc.
2 年This is the necessary and best first use case for upgrading our digital experiences. Stuff of dreams - what we all hoped the internet would become. Thank you!! Once we have rock-solid self-sovereign digital identity we can seamlessly navigate, create, own, and interoperate our stuff in the “metaverse” - the tangible world starts to easily extend into the digital space. Boom!
Director Finance Operations ?? SAP Finance Processes ?? BPO Management ?? Process improvements and automations ?? Enthusiastic person
2 年A really insightful read, David! Thank you for sharing so many useful insights on digital identity and verifiable credentials. Not to mention all the examples you've shared to better understand the context.
AutoSettle - The digital settlement exchange for cars.
2 年In light of the biggest breach of PII in Australian history, yes David, we are with you on this... https://www.sbs.com.au/news/article/companies-dont-need-to-keep-identification-data-after-its-been-verified-attorney-general-says/zo2ubqhyu https://www.abc.net.au/news/2022-09-29/optus-data-breach-exposes-corporate-governance-gaps-around-cyber/101483874
Vice President at INNOPAY, a business of Oliver Wyman - Data sharing, Digital Identity & Payments - Strategy, Product Development & Execution
2 年Great piece Dave. All for easy ceremonies! Also a good way to educate public that the real challenge is in authentication. Well shown in your example of the doctor's picture showing up on my phone. This would finally allow me to check that the credential on the wall actually belongs to the person treating me. However, I also know a lot of people that would argue this is over-sharing... Your thoughts?
35 yr+ entrepreneur growing & creating businesses with high technology focus.
2 年Simplicity is indeed key - "It should be quite straightforward". but to get to that simplicity we need interoperability across solutions - that appears a long time off as many layers need to coalesce before we get close. Inevitably therefore we will (if lucky) have islands of simplicity which might merge over time. What is your view David on how we get to a level of interoperability (IO) and which aspects do you consider the first to crack re IO - common chain/universal resolver, common credential format, common business model (!!), .....