Blog
Privado ID Solutions
Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua.
LoremVerifying digital identities while preserving privacy has become increasingly important, particularly with the growing influence of AI and deepfakes.
This article explores how unique digital identifiers can help build trust and reputation online without compromising personal privacy:
Building trust among digital users begins with establishing a reliable system for verifying individual identities and ensuring each user's reputation is real. For instance, such a reputation system could be used to issue credentials to users before they decide to meet in real life after using a dating app, so each person can trust the other before taking the risk.
So, how can individual reputation be built? The truth is, reputation cannot exist without a personal proof of uniqueness. This means that reputation systems first need to trust that you are a user (not a bot) –you need to prove your humanity. That should be the first filter to avoid scammers and bots on the app. Usually this is proven during the onboarding of the user into the app, with things as simple as a captcha or more sophisticated as a video recording.
However, that doesn't prove anything about your intentions. In fact, it's impossible to assess your intentions –the best we can do is to mimic the reputation models that we have in the real world– or in other online reputation models that do work (like the reviews for hotels and restaurants).
The common factor in these 2 cases (real world people and online business) is that they can't remove their past actions and behaviors from their history. There is no "reset" button for your reputation when it's attached to your identity. And that's the key –your identity should be unique and permanent.
Reputation systems don't work if you can just create another account and start again. That's why any online reputation model for individuals has to rely on Proof of Uniqueness –the proof that, as a person, you can only have one account in this app. If you try to create a second account, the system will detect that it's you again and will not allow it.
The only way to achieve this is through the combination of national ID and biometrics –the same process used by banks and other institutions to comply with the KYC regulations.
But reputation is bigger than your biometric hash or your national ID –reputation is the aggregation of multiple sources of attestation, each one with their own reputation. Reputation could be just a scoring system (by all the people who have met you in person) or something more complex that assigns different "weights" to the scoring of each individual based on their own reputation.
That is why this statement remains valid: Reputation is only possible with unique identities. While it is impossible to prove good intentions (as is the case in the real world), giving individuals something to lose is the most effective way to prevent wrongdoing
The previous section outlined the need for a proof of uniqueness (a unique global and permanent, human-attached identifier) as the cornerstone of any digital reputation system.
Why is a digital reputation system needed? Because society is moving backwards to the per-photography era, when the trust didn't come from the content itself (text), but from the source (who wrote it, who published it).
The audiovisual era changed these trust assumptions –there is no longer a need to know the source of a photo or a video to trust it– a video taken from the battlefield in Ukraine with a mobile phone can be anonymous and most people will trust that these actions happened. when reading about the same facts in a newspaper, the credibility of the source would likely be questioned before fully believing what it is saying:
Generative AI will take society back to source-based trust (in opposition to content-based trust). The challenge is that we don't have trusted identities nor a long-lasting reputation don’t exist in the digital space. If the source of a fake video is a Twitter account or an e-mail address, the reputation can be clean just by creating another one.
That is why long lasting reputations attached to trusted identities is crucial to re-establish communication channels in a post-AI era.
Let's imagine that somehow each individual has a unique identifier that is attached to them forever (like WorldCoin is doing, or like your government does when you get your digital national ID) –you get only once in your lifetime, you can't change it or get more. What happens now?
This identifier will be used by any digital service provider (social networks, e-commerce, mobile apps…) to verify that you are a unique human being (not an AI) –it will be the ultimate reverse Turing Test, the new Captcha. But there is an important difference to Captcha –if you share your unique identifier you are risking yourself to:
You can extend these examples further by replacing "accounts" by "people". These sentences are way scarier: banning an account, stealing an account, doxing an account, or monitoring an account…
The solutions proposed for these challenges in using personal unique identifiers have been always related to a bunch of cryptography tools like Zero Knowledge, Hashing, Accumulators, etc. Both Worldcoin and Privado ID use a similar idea:
First Challenge – the identifier
When a wallet “presents” credentials to a service provider it can follow different mechanisms (DIDCOM, OpenID, Connect your Wallet…) –but there is always an authentication step, then the user of the wallet has to prove that he is in control of the “secret” that protects his identity (password, device, or private keys).
In the world of Web3 decentralized identities, this usually means sharing your Ethereum Address or your DID (decentralized identifier). Once this is done, then the wallet can present credentials owned by that identifier (NFT, verifiable credentials, etc.).
The first challenge with privacy is that by sharing this identifier (Ethereum Address or DID) and later presenting credentials links one to the other –now the service provider knows that that DID is linked to that person. The more you use your credentials, the more you are doxing your identifier.
Imagine that you are asked to share your country of residence in one application, your date of birth to another and your employer to a third one. Although none of them have the full picture, it would be easy for an external observer to collect this data under the same identifier and build a full profile of you (especially if you leave these traces on-chain or on public networks).
The technical solution for this is quite simple (conceptually, although not technically) –give each application a different identifier so they can’t track you. But wait…does that mean that you’ll have to manage hundreds of identifiers? Also –do you need to obtain credentials for each new identifier?
Here is where cryptography comes to the rescue. You can generate a Zero-Knowledge proof about the fact that your application-specific identifier is deterministically derived from your permanent identifier –and that means that any credential issued to your permanent identifier is also valid for all the new application-specific identifiers. And all that can be managed automatically by your wallet.
In Privado ID we call this feature “Private Profiles” –and is the default option every time you present credentials to an application.
This challenge is still unsolved when the identifier is your Ethereum address –and that’s why it is argued that the identifier should not be your address (DID are better)… but that’s a long story that can be discussed in another post.
Second Challenge –sharing the uniqueness credential
Ok, you authenticated and proved that you are in control of the identifier that holds the credentials in a private manner –now what? That doesn’t prove that you are a unique human. A bot could create thousands of identifiers –what closes the deal is that you also used the identifier to obtain credentials about your uniqueness from a trusted issuer (government, bank, orbs, etc.).
Can you now share the credential with the application? Well, if you do so you risk to suffer all the consequences exposed above –you would be giving that application our passport number or biometric hash with all its consequences.
The technical solution for this is similar to the way identifiers were “anonymized” before:
This way, the service provider doesn't get your real unique identifier –but if the user tries to use the service again under the same context token, the wallet will generate the same CBUI. The CBUI is unique in this context.
Now, the service provider can work with a single context or create multiple contexts –an example would be a web selling tickets to multiple concerts that wants to sell 1 ticket per person. Each concert would have a different context-token, so each user would have a CBUI per concert.
Both Worldcoin and Privado ID use this technique –the difference is that the first one can only present the uniqueness credentials, while Privado ID can present any type of credentials in the same privacy preserving way.
Third Challenge –Service Providers Collusion
Context-based-unique-identifiers (CBUI) seem a good solution to the problem –but they depend on the service provider to keep their context for themselves.
What would happen if a consortium of big service providers (e.g. FAANG) decided to use the same context token forever? Then all users would be using a perpetual global context –and the CBUI would lose all validity –you are not sharing your passport, but it doesn’t matter because your CBUI is just as irreplaceable and important.
The truth is that there is not a solution to avoid this type of behavior yet –this is a new field of research to be explored. Privado ID is committed to build trustless systems that don’t depend on the good behavior of their users.
Nobody said privacy was easy.
The importance of privacy-preserving mechanisms for sharing unique identifiers has been discussed over this article, but the process of obtaining such identifiers has not yet been addressed. Who should be responsible for providing these unique identifiers?
First, let’s talk about different options to generate identifiers that can be attached to people. They can be classified in 2 types:
There are some pros and cons for each:
For the first case, there are hundreds of biometry providers that can generate biometric hashes. For the second, the most common provider is your government (national ID and passport).
Which one is better?
As discussed before, the question is not whether it can exist, but if it should exist. Having a UUID (in opposition to a context-based unique ID) is a direct road to a dystopian future where one could be banned from all digital services or tracked perpetually.
If the question is “can it exist?”, then it is needed to determine which type of identifier should serve as the UUID.
Since each biometric solution provider will have a different algorithm, they will produce different biometric vectors even when they are scanning the same thing (Facetec will produce a different biometric vector than Facia on the same face).
This means that you can’t have multiple biometric providers as the source of our UUID –so the only solution here is a global monopoly (this is what Worldcoin is trying to achieve)-- a single source means that your vector is really universally unique.
To avoid this scenario, the second option is to use your government's arbitrary ID. Each government has been doing this for decades and that is how passport numbers work. The challenge now lies in finding a way to use these UUID provided by governments in a way that they cannot be tracked or shared without your consent.
Connecting all the dots, the best solution would be:
Privado ID is making this a reality –solving the problem of trust without creating a dystopian scenario. This is a political and social decision, but the commitment is to show that it’s possible to do it in the right way.
If you want to explore identity solutions with us, please contact the Privado ID's growth team.