Managing Our Identity, Block by Block: Interview Armin Ebrahimi, Shocard
Whether be it be a driver’s license, birth certificate, passport or another form of identification, managing and storing our private documents in a secure manner can be an immense task. Moreover, the act of carrying a physical document that can be easily lost or stolen is a growing concern.
With identity theft and other intrusions on our personal data occurring at such an alarming rate, it’s no wonder that many of us feel helpless these days in terms of how to safely manage our personal information.
In many respects, governments have become the de facto repository of our identity. As a result, we have become slaves to the state, resulting in our lifestyles being constantly vetted and monitored. The notion that public intermediaries have gained easy access to perhaps our greatest asset, our identity, can be a daunting proposition. Yet alternative means of proving that we are are who we say we are, have no validity when it comes to scenarios like airport security screenings, in-person financial transactions or making purchases at a local liquor store.
Identity Self-Management
An individual’s ability to manage their own personal information is paramount to a world of freedom and privacy. Consider this thought; what if various pieces of our digital identity could be cobbled together into a digital ‘safety deposit box’, an immutable document record safely housed in a place that we ourselves control? Moreover, what if we could digitally store and access our driver’s license and passport on our smartphone?
And how about this; instead of constantly being subjected to the laborious process of re-stating our information for identity verification purposes, what is there was one secure portal, digitally controlled and managed by us, that was accessible to others with our permission? Like when we start a new W-2 job. Or navigate through airport security to catch a flight.
These and many other questions are now being explored by a cutting-edge company known as ShoCard, a digital identity system that’s privately and securely accessible through a mobile app. It’s aim is to protect consumer privacy while making permissioned access as easy as flashing a driver’s license.
Utilizing the ShoCard app, an individual can manage and access their identity information via a mobile phone. This person is the only person authorized to grant access when identification details are requested.
The stealth nature of the Identity Platform is tied to a public blockchain data layer. As a result, ShoCard is not subjected to common security risks and vulnerabilities associated with storing personal data or keys. All personal identity information is encrypted, hashed and then housed on the blockchain, protecting it from tampering. Further, the blockchain’s immutable ledger facilitates the validation of the original data, ensuring that it has not been altered or misrepresented.
A key engine fueling ShoCard’s functionality is the BlockCypher Transaction API. It is not only being used to publish identity data to blockchains but offers a key mechanism for ensuring the 99.99+ percent uptime required for 24/7 operation.
ShoCard has targeted a number of banks and financial services companies to collaborate with in authorizing identity, secure credit card transactions, monetary transactions and user credentialing. The company has also developed an app providing travelers with universal access to all of their travel documents. This can expedite the work of airport security and border protection teams in accessing passport, visa, and biometrics data without having travelers fumble around with physical paperwork and documents.
Armin Ebrahimi, Founder, and CEO of ShoCard notes that identity self-management has the potential to become the new normal for how we curate and provide access to our personal information.
“A versatile digital ID management platform like ShoCard is one where a ‘real’ person can be described and independently verified against authoritative certifiers without having to trust anyone but the certifier. By way of example, I may describe myself as being ‘Armin’. This is my self-declaration. With ShoCard, we allow this person to then self-certify themselves as, in my case, ‘Armin’. While this holds some value, the fact of the matter is, I am not an authoritative certifier.”
“However, if the State, the government, a bank or an airline certifies that I am ‘Armin’, the trust in who I am increases. In other words, the more authoritative the entity that certify me, the stronger the trust in my identity. Hence, if someone who doesn’t know me is able to talk to my web-of-trust, they can be assured that I am the ‘real’ person named ‘Armin’. We call this the web-of-trust.”
According to Ebrahimi, verifying this web-of-trust is a challenging task, a very slow process that often requires a privacy-authorization from the consumer. He notes that in most cases, ShoCard is simply not permitted to access the databases of these authoritative parties for verification purposes due to security and privacy issues, among other things. The good news: The blockchain can address all of this as Ebrahimi elaborates,
“If I can safely create a self-certification record on the blockchain and digitally sign that record with a private key that belongs only to me, I can establish ownership of that record. The authoritative certifiers can then verify that I own that record and create a new record on the blockchain that confirms their “certification” of my record which is then digitally signed with their private key. My record can have my government IDs and other information, but it can also have hashes of my biometrics (such as a facial image). I can then go to any third party, share my id and the certification records and the third party can confirm my ownership of my record and the fact that authoritative parties have certified my record using their private-keys.”
Ebrahimi though is under no false pretenses noting that much more work needs to be done with each step taken one at a time.
“A mobile digital id on the blockchain can do a lot. However, many of our clients are experimenting with smaller real-world usages to gain comfort. Certain features require regulatory compliance while others are less stringent, but create the exposure for the next steps.”
Future Proof
Over the next 12 to 18 months, Ebrahimi predicts the following:
“I believe users will expect to simply prove who they are quickly and safely and use that proof as a means to access what is important to them in both digital and the physical world. They will also expect this process to be secure and their privacy protected. Enterprises will follow suit as they, more now than ever before, need to heed to the expectations of their users or they can lose them to competition. Competition is no longer other well-established institutions, but rather new companies that pop-up with solutions that serve the users’ needs easier.
We will see things like username and passwords go away. Use of clear-text SMS and security questions will be seen as both user-unfriendly, time-consuming and unsecure. Reliance on phone calls to verify and authenticate users will fade away and people will simply not wait in lines or drive to banks and other places to do transactions. Users will also not have different IDs for each system they interact with. Physical wallets will go away and our phone devices will be tied to true biometrics of our physical-self.
Many verticals will be revolutionized by digital ID’s – healthcare, IoT, Physical and Cyber access, transportation, personal-automobiles, internet access, financial transactions, education-verification, government-security, and much more.
It’ll probably take longer than 12 months for all of this to happen, but the rate of adoption will quickly increase once the early adopters demonstrate the benefits. It is difficult to believe that just 9 years ago, Facebook barely existed and mobile-computing, as we have it today, was largely nascent. We still had flip-phones before the iPhone in 2007 and the Blackberry offering email was the only mobile-computing app that was prominent. Each round of technology adoption seems to take less and less time to become mainstream.
Most likely, all the changes I described won’t happen in 12 months, but it will certainly take much less than 9 years before we see it impacting our everyday life.”
