| |

Digital identities - how and why we are where we are, what it's proposed we do about it and whether it will work.

The fintech world is at last waking up to the biggest problem facing real-world businesses: how to perform KYC on customers you will never physically meet and who live lives which do not intersect with your own except for one specific purpose - the provision of a service. Of course, being tech-driven, fintechs are looking for a tech solution and they've even got a name for it - Digital Identities. The world is full of "White Papers" but there are no practical applications nearing real-world testing, so far as we can ascertain. It appears that, as in so many cases, people are starting with the tech and trying to make the problem fit it, rather than looking at the problem and trying to build tech around reality, says Nigel Morris-Cotterill.

Long read. Free for seven days.

**This article has been updated for spelling, grammar and one or two additions or amendments performed to improve clarity.** 11 November 2019.

I know the arguments that the data on a blockchain is encrypted but so far no one has explained to me how it is possible to ensure that only authorised persons can access it although I can see that it is possible that access is controlled directly by the data subject and access is granted to a specific user via a smart contract. (don't ask me how to do it: I've no idea but the principles say it must be so).

We have failed to identify a cost effective method of obtaining and authenticating information across vast numbers of people across vast geographical locations. There has been no mention of what to do about regular updating of information. Surely no-one is going to suggest that an email is sent every couple of years by the certification body saying "please click this link to confirm that the information in your registration remains accurate"?

The challenges for digital identity remain enormous and, if the plan is to have a unified global system, insurmountable. There are those who will simply refuse to join, those who cannot join and those who have no idea someone is trying to contact them to ask them to join. After all, despite the best efforts of medical teams to contact remote tribes, often they don't want to be found. They are not the only ones. The USA has a problem with people who claim they are members of sovereign nations and that US law does not apply to them. How will they be recorded? How will the system identify multiple identities for a single person? Dean Smith has worked on projects identifying individuals with multiple identities on large platforms: he says "we can be 90% certain that two identities relate to the same person with only four pieces of relevant matching data. We are sure with five pieces." Will there be any method of cross-referencing records on such a blockchain to look for common data across identities?

The end result is probably this: a small sample of the world's population who want to access specialist financial services may be created. It will be based on blockchain tech because it's far better than putting a giant database "in the cloud." It will not be global, people may well need to be registered with multiple digital identity providers. Interactions will be handled by smart contracts. But even then the weak link is always going to be the obtaining of verified information and ensuring that it's up to date.

And none of this even begins to address the KYC/CDD information needed for compliance with money laundering and terrorist financing laws and regulations.

If that sounds exactly like the problems that have plagued financial services businesses since they were told they must identify their customers for money laundering risk management and compliance purposes in the early 1990s, it's because it is exactly the same. Changing the tech doesn't change the nature of the problem although it might make implementing some aspects of a solution easier. Now all we need is for someone to find a solution that will actually work and achieve the objectives.

You may write to Nigel Morris-Cotterill here

Further Reading:

A hint on further reading: don't focus only on the very latest writing. There is a much useful material that was written long ago, in internet terms. Much of that is ignored but provides an excellent basis for understanding and, equally importantly, it means that current writing is not perceived as inevitably right because today's boffins are doing it.

**This article has been updated for spelling, grammar and one or two additions or amendments performed to improve clarity.** 11 November 2019.

---------------- Advertising ----------------

| | | |


World Money Lau...