Identity – Chip of the Old Block(chain)


The real voyage of discovery consists not in seeking new landscapes, but in having new eyes.

– Marcel Proust

 

Identity and identification, legal and physical, authentication and verification have been a great universal continuity of mankind – from mysterious Indus Valley seals (still to be deciphered) that provided safe passage and enabled commerce in the bronze age, to oral passwords in medieval castles, and today – chips, passwords, fingerprints and facial recognition. In recent years it encounters what has been heralded as the great disruption of our times, the very latest in information technology – Blockchain, that promises to radically alter the way data are stored, processed, managed and secured.

In a sense, neither statements are entirely true. Identity can also be viewed as a recent twentieth century construct, originating in the west and often imposed on colonies, with exploitative intent. On the other hand, Blockchain’s computational framework (distributed databases and hash cryptography) originated largely in the seventies, considered ancient for computers.

Why are identity and Blockchain engaging so furiously today? What does all this hope to address and solve? What is needed to happen? Success of Blockchain comes to us from the claimed success of Bitcoin, a cryptocurrency, and it is somehow alluded that Blockchain can similarly address (and therefore disrupt) problems of identity.

With the current focus on legal identity and birth registration, and the urgent call for universal coverage that requires 1.1 billion more individuals to be covered by 2030, requiring newer, more secure, structured and versatile super-systems; a notion seems to be emerging that Blockchain provides just the panacea. However, progress has been slow.

Thus today, scores of articles appear everyday with claims about Blockchain and identity. Many of them have all the tell-tale signs of how disruption must be presented: with personal conviction and in all its urgency, and are thus written in first person, and often with scant attention to grammar. Significant effort is devoted to providing simpler and clearer descriptions of Blockchain as though the slow uptake is really a problem of comprehension. However, there have also been significant studies that attempt to address this issue more substantially. Pilot projects are also being launched to test alternative Blockchain solutions for today’s common identity (and identification) problems.

In recent years, policy-makers have noted both – the significant technological advances addressing identity and identification, as well as that the subject of identity has also become more interconnected and encompasses a wider range of issues than ever before – law, politics, democracy, process, human rights, commerce, crime, security and sheer numbers. Every country needs to address it, and every human being on the planet is touched by it. Just air travel alone will involve nearly five billion individual border crossings and as already stated, over one out of every eight persons on this planet are yet to see an identity paper in their life-times. No doubt the 2030 target, spelt out under the United Nations (UN) Sustainable Development Goals (SDG #16.9) is both urgent and important.

But what are the current problems with identity and how can Blockchain address them?

As described earlier, an eclectic variety of data is required to fully establish the identity of an individual, which can then be used in different ways, under well-defined and properly understood conditions.

Civil Registration (CR), that is part of Civil Registration and Vital Statistics (CRVS) is one such rich source of data and runs close to a country’s legal system. It covers birth, death, marriage and separation, among others and defines legal identity that includes aspects such as citizenship, nationality, residence, naturalization and a host of other phenomena that fundamentally affect an individual’s status. Another is a country’s national ID or civil identification (CI) system that is responsible for issuing National ID cards as well as holds the biometrics, that are likely to be used repeatedly for verification purposes.

Therefore, its first-time capture and one-to-many check (by deploying an Automatic Fingerprint Identification System – AFIS) to ensure uniqueness are extremely significant. Just linking these two in practice, often involving millions of records, is daunting. Going forward, this has become an area of focus and various studies have indicated that this can be done in one of four ways: assign a Unique Identification Number (UIN) in the CR during birth registration, and then create a corresponding entry in the CI using the same later, generate a UIN in the CI and send it back to the CR, have separate identification numbers in the CR and CI and connect the two using and additional data table and finally have biometrics to connect the two.

Each has relative disadvantages such as, the first requires workarounds to address individuals not born in the country. The second requires reliable online connections at all times to ensure that births are comprehensively recorded. The third is tedious and difficult to reconcile and finally the last option still faces technical limitations of infant biometrics as well as the associated legal question of informed consent.

Assuming, that all this is satisfactorily resolved, then comes the question of using first, the legal identity information to determine eligibility (for example, for welfare schemes, pensions and voting) and second, to use the biometrics for identity verification. Both are intimately connected to individual privacy and data security.

To complete the picture, a better understanding is required of techniques that facilitate biographic matching that comes with complexities such as multi-cultural name-matching as well as ways to determine if two sets of biographic data relate to the same individual or not.

In some sense, the four prime areas of concern therefore are: the legal aspects of identity as drawn from CR, biographics, biometrics and finally the capability to search and match reliably among them and link to other functional registers, such as voting, pensions, passports and drivers licenses.

Blockchain does not seem to inherently address these problem areas today, but can it in the future? Also, with the intense focus on Blockchain, some other promising techniques are escaping attention. For example, legalities are most often hierarchically structured from the general to the specific, legal identity can therefore be best managed using taxonomies. Deployment of a hierarchical database would be ideal for this, but Blockchain is a distributed database. Biographics is best addressed outside of a database structure and the most powerful systems today are deployed using CPU memory arrays enabling searches in various directions simultaneously. Biometrics depends on massively parallel processing, currently deployed on blade server arrays. Every individual’s data would be best arranged using classical relational databases – enabling locations, characteristics and even names to be normalized and therefore made consistent.

At first glance, it seems that Blockchain does not add anything significant to identity management solutions that need such a wider array of capabilities to address likely challenges. Thus, imagine keeping data consistent among structures as diverse as relational, hierarchical and distributed databases, as well as CPU arrays. Also, national identity systems tend to be large and consist of millions (if not billions) of records. To bridge such massive and diverse data structures, current techniques such as replication are woefully inadequate.

However, a point in favor is that the process of civil registration is defined as being compulsory, universal, continuous and confidential, that sounds almost like Blockchain itself – and at least maps well onto the requirements of continuity and the confidentiality. However, the other characteristics (compulsory and universal) might have more to do with the associated law and manual process, and yet other key features like non-repudiation can be implemented in different ways, like the consensus in Bitcoin.

Can Blockchain therefore be the basic building block for identity systems and be the overarching framework for its next generation architecture, or is it rather just a useful component? These are just some of the questions that will need to be answered sooner or later. However, there are other issues as well.

On the issue of permanence too, opinion is divided and data on computer is not considered “permanent” by many. Part of the evidence is empirical as computer data storage formats seem to become obsolete every few years. This holds true even for the single generation of micro-processor-based computers as we know them today, and certainly without exception of the older formats like tapes and main-frames. More explicitly, data from the nineties is certainly not accessible today – less than three decades later. There are problems with the life of the media, obsolescence of the read/write devices, and more ominously with the data encoding and format (EIBCIDIC, ASCII etc.) Ironically, hand-written paper records last longer. Some of the paper is known, in contrast, to last for centuries and so is the language discernible over generations. Therefore, hand-written church records of births, deaths and marriages come to us perfectly readable from the sixteenth century, while the same cannot be said of computer records as recent as twenty-five years. Listening to an archivist recently, the term “benign neglect” caught my attention and from there to the politics of access – and many of these fundamental precepts seemed to need fundamental rethinking, the same way that mobile phones seem to provide limitless capability to the individual to be in touch and participate in commerce, till a government or a corporation decides to shut down such networks for political or commercial reasons and thus “switch-off” the fundamental freedoms of millions of people in a single stroke.

Today, a system architect might be tempted to visualize all this as a question of form and function, in both space and time, such is the extent of identity records that span at any given time – the past and present (and future). As an eminent scholar recently pointed out, any strategy to change the unique identity numbers (UINs) in a country, given that centenarians live on, could take a century to implement – a metaphor perhaps, but one that brings home the real dimension of what universal and continuous really mean.

In the field of identity, many technologies have taken center-stage in the last few decades. eDocuments is one, and both chip-based identification cards as well as ePassports have been immensely successful in many ways. Biometrics is another and has provided remarkable improvements in civil identification and verification. Biographics also addresses identity problems but is only now being formalized as a distinct discipline. Today, each of them seems to address only a part of the solution, not because of any limitations of their part, but because the problems have wider definitions today. Identity is no longer just physical identity, it is also legal identity, and it is also how individuals connect to the government, to the economy and to one another. Blockchain claims to fill up the space in which all this needs to be meaningfully connected over the lifetimes of millions of individuals.

Identity also has a flipside – privacy. If all information about every individual were available, especially to the state or belligerents, it could abet human rights violations.
eDocuments, for example (chip-based identification cards and ePassports) ostensibly prevent this from happening. Biometrics for example can be restricted to remain securely in such devices and in the hands of the individuals themselves and processed in a secure manner.

If for some reason, an eDocument is not part of an identification scheme, then the architecture needs to be cantilevered to the extremes – a paper record perhaps with a bar-code or a machine-readable zone (MRZ) that automates its coupling to a computer system, or via direct access to a computer system without such an individual token. The latter poses critical challenges and some of the most important are: identity data no longer resides with the individual, and if the computer systems are not accessible for some reason, the information is not available when and where it is required. Blockchain seems to be most helpful in this aspect, by ensuring that the data is not centralized and therefore susceptible to single-point manipulation and yet being available when and where required.

Clearly, Blockchain’s, two essential characteristics come into play here – that it can provide a stable but distributed structure for the large masses of identity data to be stored relatively permanently, and encryption to ensure that it is securely sequenced. This seems to be the most compelling motivation for it to become the new body in which the soul of identity could reside. But are they really made for each other? Some answers are clearly not available today. Even that the body and soul are commensurate is not always self-evident.

Blockchain requires substantial infrastructure, capacity and resources and as of now, identity systems need to catch up mainly in developing and low-income countries, which would scarcely have such means. Some say, such situations require simpler solutions that are easier to sustain, and even if Blockchain fits the bill, there are other apprehensions as described earlier, that relate to the wider technical paradigm of identity digitalization – the most paramount being the ability to search and match identities, and finally bring together biographics and biometrics, civil registration and identification, use a common life-long unique identification number and yet not transgress the limits of individual privacy and data security. The more creative architects would love to see taxonomies, so that legalities of identity find a home too.

To conclude on a post-modern note, it is unfinished business right now. Blockchain today comes across as an unfinished structure in an unfamiliar landscape, endless raw concrete and steel, scaffolding and even hard-hatted workers still astride the freshly cast beams. Passers-by can only guess if this will be a fortress, or an amusement place – a casino. There are no signs to go by, especially who owns it. No one knows yet, who can visit or inhabit this place. At a recent conference on the subject, these two points recurred: identity belongs as much to the individual as to the state and thus Blockchain must work together with both, and that both truth and falsehood arise equally out of the peoples’ minds and who can prevent both from finding a place.

Perhaps the answer is in imagining it in other ways and lies in what Proust says (quoted above) and that Blockchain is “not the new landscape, but the new eyes” with which to envision identity, and everything else will fall in place.

© Sanjay Dharwadker, Utrecht, March 2018
Categories: Uncategorized

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: