| |

Digital identities - how and why we are where we are, what it's proposed we do about it and whether it will work.

The fintech world is at last waking up to the biggest problem facing real-world businesses: how to perform KYC on customers you will never physically meet and who live lives which do not intersect with your own except for one specific purpose - the provision of a service. Of course, being tech-driven, fintechs are looking for a tech solution and they've even got a name for it - Digital Identities. The world is full of "White Papers" but there are no practical applications nearing real-world testing, so far as we can ascertain. It appears that, as in so many cases, people are starting with the tech and trying to make the problem fit it, rather than looking at the problem and trying to build tech around reality, says Nigel Morris-Cotterill.

Long read. Free for seven days.

**This article has been updated for spelling, grammar and one or two additions or amendments performed to improve clarity.** 11 November 2019.

To understand why, we first have to understand the misleading and untrue statements that pour out of Facebook. It lies. It says it will not do something, then it does it. It says it has contained some harm but it just pops up somewhere else. More importantly, it does not undertake effective KYC on anyone on its platform. Facebook lies but its users lie or otherwise misbehave many times more. They influence elections, they post fictitious stories, they run illegal businesses selling drugs or endangered species and they broadcast and rebroadcast (they call it "sharing" which undermines the seriousness of what they are doing in a world where impermanence is an illusion) hate-filled messages and videos, including live streaming of atrocities. Facebook said "no adverts on WhatsApp" and even announced "end to end encryption" but WhatsApp routinely breaches the GDPR by distributing phone numbers and other information without the consent of the data subject. And it has said that it intends to integrate Facebook, Instagram and WhatsApp data to better target adverts on all three platforms. It is this that should excite some and horrify others for it provides the gateway for tech giants such as Facebook and - even moreso - huge search engines such as Google - to be in prime position to provide what they will claim are verified identities - and because they can data-mine, they can conduct extensive due diligence, if they have the computing power to analyse text and images. They can take the Experian model of credit data collected from e.g. catalogue sales and loyalty cards and give it a terrifying dose of steroids.

There are those in governments all over the world that will like that. There are privacy campaigners who will hate it. And there are the millions who have never had, or have closed, their Facebook accounts. Yes, Micosoft has data via LinkedIn but except for those who treat it like Facebook, there is a significantly lower prospect of personal information leaking into the world at large or, even, into a due diligence database.

But how much of what they collect is true? How easy is it to produce an entirely fake person on a social media platform and extend that to other internet environments? The answer to that is pretty much anyone can do it in minutes. Facebook has admitted to there being millions of fake profiles, LinkedIn suffers from periodic outbreaks of fraudsters. Would this change if the business models or regulation required them to verify the identify of those who hold accounts? Would hotmail, outlook gmail and yahoo suddenly stop being a vehicle for criminals? Would Cloudflare no longer act as a hidey hole for on-line criminals who use its service to shield their identity? Maybe, but, in the current state of technology, probably not.

---------------- Advertising ----------------

| | | |


World Money Lau...