• latest news

    رسائل حب

    Buried in Facebook’s Libra White Paper, a Digital Identity Bombshell






    • Facebook’s Libra white paper includes a brief but potentially seismic nod to digital identity standards.

    • With 2 billion users worldwide, Facebook may be able to succeed
      where others have failed in jump-starting a globally accepted digital
      ID.

    • Some identity experts say this is even more important than the
      cryptocurrency, but others question how much control Libra would give
      users and find its approach overbearing.






    Buried in Facebook’s Libra white paper are two short sentences hinting that the project’s ambitions go even further than bringing billions of people into the global financial system.


    More than launching a price-stable cryptocurrency for the masses,
    Libra could be aiming to change the way people trust each other on the
    internet.



    At the top of page nine, in a section describing the consortium that will govern the Libra coin, the white paper states:



    “An additional goal of
    the association is to develop and promote an open identity standard. We
    believe that decentralized and portable digital identity is a
    prerequisite to financial inclusion and competition.”


    That’s all the paper has to say on the topic of identity, perhaps explaining why the brief mention of such a foundational issue for 21st-century commerce escaped widespread notice despite all the hype over the document itself.


    But to some observers, the line dropped like a bomb. 


    Dave Birch, director of Consult Hyperion and the author of books on digital identity and bitcoin, flagged these lines as “the most interesting” in the paper. 


    Smoothing pathways on the internet
    using identity is a bigger deal to many people than a putative
    cryptocurrency, Birch argued, adding:




    “There are no throwaway
    remarks in a Facebook white paper that has taken a year to put together.
    It’s in there for a reason. [Facebook] are actually going to try and
    fix the identity problem.”


    A Facebook spokeswoman said this week that the company had nothing to add about identity beyond what’s in the white paper.



    Who are you?



    It’s a problem almost as old as the internet itself. As the classic “New Yorker” cartoon put it, “on the internet, nobody knows you’re a dog.”


    In such an environment, businesses need to guard against fraud, but
    the copious amounts of personal data consumers must share to prove they
    are who they say they are leaves them vulnerable to identity theft and spying.



    Fixing this problem means finding a way to have the sort of
    credentials an individual holds in their physical wallet realized in a
    verifiable digital version which can be trusted across the internet. And
    for many technologists who have thought long and hard about identity,
    the solution must be “self-sovereign,” or controlled by the individual.



    Birch, who has long seen the
    potential of social networks as natural springboards for managing
    digital identity, described a scenario where a user’s “I am over 18”
    credential (rather than their exact birthdate) is needed to log into a
    dating site.



    This could be accessed through
    Libra’s cryptocurrency wallet Calibra via one of its partners,
    Mastercard, for example, with its two-factor authentication process.
    Then a cryptographic credential is sent back to Calibra containing no
    personally identifiable information but stating this person is over 18,
    which can then be presented to the dating site at log in.



    While others have proposed similar arrangements (sometimes involving blockchains), none had the reach of Facebook, with its 2.38 billion users worldwide.


    If Libra were “to drift in the
    direction of self-sovereign solutions, Facebook’s endorsement of that
    approach might make more of an impact on the market than, say, uPort or Evernym might have done,” Birch said, 
    referring to two such blockchain ID startups.



    And despite its reputation as the ultimate Peeping Tom,
    Facebook has hinted at such aspirations before. In February, while
    Libra was still under wraps, CEO Mark Zuckerberg said he was investigating blockchain’s potential to allow internet users to log in to various services via one set of credentials without relying on third parties.




    Standard setting



    Stepping back, technologists have been trying to address the challenge of identity for more than a decade by establishing open standards.
    In the same way that URLs, for example, open webpages anywhere on the
    internet, standards are also needed to ensure digital attributes about
    an individual can be universally issued and verified.



    The OAuth standard, for example, is
    what let you log into websites through a third-party service like
    Facebook without sharing a password. 
    More
    recently, such work under the auspices of the World Wide Web Consortium
    (W3C) has included things like Decentralized Identifiers (DIDs) and the
    verifiable credentials standard, both meant to enable self-sovereign
    digital identity.



    Some veterans of this field were
    taken aback by the suggestion that the Libra Association (a group of 30
    or so companies, expected to reach 100 or more) would develop an open
    identity standard.



    “That’s very world domination-ish of them,” said Kaliya Young, a co-author of “A Comprehensive Guide to Self Sovereign Identity” and co-founder of the Internet Identity Workshop.
    “Some of us have been working on that problem for a really long time.
    You already have a set of open standards for verifiable credentials that
    are basically done and working.”



    Young pointed out that “unilaterally
    declaring” an open standard belies the process of going through
    standards development with an open community, adding that all the people
    working on identity standards are connected to one another in reaching a
    common goal.  



    “That
    work is being led by a community of people deeply committed to there
    being no one company owning it in the end, because identity is too big
    to be owned, just like the web is too big to be owned,” she said. 



    (Indeed, Facebook was previously said to have rebuffed an invitation to participate in the DID project alongside Microsoft.)


    Phil Windley, chair at the Sovrin
    Foundation, which contributed the codebase to the Hyperledger Indy
    blockchain ID project, acknowledged the risk of parsing two sentences in
    Libra’s paper too finely. But he made the point that “decentralized”
    and “portable” (Facebook’s words) are not exactly the same as
    self-sovereign.



    “Decentralized” could simply mean a
    user’s identity data – their attributes and identifiers – are spread
    among nodes that are run on the Libra blockchain, said Windley. This
    doesn’t imply the user necessarily has control of them. Likewise,
    “portable” just means credentials can be moved from one place to another
    but doesn’t necessarily mean you get a say in how they are used.



    Windley told CoinDesk:



    “People often use
    ‘decentralized’ as an unalloyed gilt and just assume that it means
    everything is going to be great. That could be what they are doing here –
    just using ‘decentralized’ as a synonym for ‘awesome.’”



    Joining the dots



    That said, Windley was respectful
    about the scale of Libra’s vision, which he suspects is much bigger than
    dealing with know-your-customer (KYC) checks and the regulation around
    building a global permissioned currency platform.



    He pointed to the paper’s authors
    which include many firms like Mastercard or Kiva, folks who have thought
    very hard about digital identity. (Neither company would comment on
    Libra’s approach to digital identity).



    “I suspect given Libra’s goal of
    financial inclusion, they are probably thinking about it bigger than
    just authentication and authorization for a few narrow purposes,” said
    Windley. “I think there is enough there (e.g. the smart contract
    language) to believe a stablecoin is just one thing that they envisage
    using Libra for.”



    In the absence of any detail on what
    might comprise a decentralized identity standard from Libra’s
    perspective, some dots can be joined by examining the recent work of
    George Danezis and his co-founders at Chainspace, a startup acquired by
    Facebook in May.



    A paper introducing a “selective disclosure credential scheme” called Coconut explains
    how a system of smart contracts (computer programs that run on top of
    blockchains) could “issue user credentials depending on the state of the
    blockchain, or attest some claim about a user operating through the
    contract – such as their identity, attributes, or even the balance of
    their wallet.”



    The Coconut protocol goes on to
    describe how credentials can be jointly issued in a decentralized manner
    by a group of “mutually distrusting authorities.” These credentials
    cannot be forged by users or a group of corrupt authorities, and are
    also “re-randomized” prior to being presented for verification to
    further protect user privacy. Unlike some computationally-hungry proving
    schemes, this is done in a matter of a few milliseconds making it
    highly scalable.



    Returning to the question of
    standards, Birch said W3C, DIDs and verified credentials might be the
    right option for Libra, but whether it’s that or something else,
    basically whatever they choose would end up being a standard, he said,
    concluding:




    “And you could argue, is
    that necessarily a bad thing? I mean what happens if they come up with a
    good standard for identity and attributes and so on and then other
    people can use it, e.g. banks would be one obvious example.”

    source link


    • تعليقات بلوجر
    • تعليقات الفيس بوك
    Item Reviewed: Buried in Facebook’s Libra White Paper, a Digital Identity Bombshell Rating: 5 Reviewed By: 66bitcoins
    إلى الأعلى