Webinar #2: Reinventing Identity on the Blockchain

Webinar Overview

Author: Alex Tapscott, Vinny Lingham
Release Date: August 15, 2017

Abstract:

Hosted by BRI Executive Director Alex Tapscott and featuring South African Entrepreneur Vinny Lingham, CEO of Blockchain Identity management startup Civic. Civic is on a mission to deliver secure, low-cost, and decentralized identity verification via the blockchain. Civic will be an identity platform for everything from passports, driver’s licenses, birth certificates, wedding certificates and more.

[00:00] Alex: Vinny, let’s just confirm quickly that you can hear me. Can you hear me? Terrific. Excellent. Welcome everybody to the second webinar in our Blockchain Research Institute ™ webinar series. We’re delighted to be joined here today by Vinny Lingham, who is the CEO of Civic and is one of the most well regarded figures in the entire Blockchain industry. Regarding the Blockchain Research Institute ™, this is the largest, and we think the most broad and the most deep investigation into Blockchain opportunities, challenges, and use cases. We have as our supporters a number of large corporations, governments, not for profit organizations, and other industry bodies. The purpose of the blockchain research institute, as many of you on the call know is to look into the impact of this technology on basically every single industry in the economy; everything from financial services to this manufacturing, retail, media, and even government. But in addition to that, we’re also looking and how it changes the nature of how we organize capability in the economy; what does this mean for different aspects of our organizations and even our company, so how does this change the role of a chief investment officer, or a chief information officer, or a chief operating officer, et cetera. And as part of our investigation also doing some deep dives into very specific areas that we think require a lot of exposition. And one that I think is probably the most important is this question of identity, that perhaps because of this technology our notion of what identity means how we think about our virtual self in the new digital world is going to change, and I think that there is arguably no person in the world who’s more qualified to talk about that then the CEO of a blockchain identity company, and we’re delighted to be here with Vinny today. So Vinny, let’s kick things off. In the book we talked about how one of the problems with the way the world works today is that intermediaries capture all this data about people. And that’s problematic for a couple of reasons, because it could mean that individuals can’t use that data to organize their affairs, that they can’t know perhaps how much it’s worth and therefore cannot monetize it, and that maybe it could actually undermine their privacy. Could you talk about – maybe expand on that. What are the problems with how we think about identity today?

[02:49] Vinny: Yeah Alex, great. So happy to be on the webinar with you. So I think the weird thing about identity today is that it’s – let me start with an example of a way we’ve seen a massive problem in the industry. So as we’ve gone up and tried to build our service, we’ve had strong service providers who wanted to give us the ability to verify the information remotely for people. And one of the terms in these contracts is actually quite scary: it’s that they own the data. And so when we say we’re building a reusable KYC system, actually all we’re trying to make sure we do is give the consumers the ability to take the identity information and reuse it. That’s a breach to their terms and conditions, because they own your data. You don’t own it, they do.

[03:40] Alex: When you say KYC, it’s know your customer.

[03:42] Vinny: Sorry, yes, know your customer data. So he problem we have today is that all the ID providers really believe that their database of information is owned by them, and nobody else. And you pay a license to access that information as a service. And what we’re trying to build is a way of giving consumers the ownership of their data and then ensuring that that information is reused. But that’s just one example of a way I think we’re just thinking about dealing with it the wrong way.

[04:10] Alex: can you give us any other examples – so the question there is who owns the data, and that’s really important. Are there other issues that are problematic today that you can pick up?

[04:19] Vinny: Yeah so, obviously forwarding and identity theft is a big issue. So the thing is, when we’re in the digital world, what is interesting is that knowledge of data is something which anyone can have, right? A key is something anyone – a physical key, you have to have possession of the atoms to actually use a key on a lock or a door. But in the digital world, you could have a copy of information, and you could type it into a web form and you could report to be who you are. So it’s very interesting that differentiation of the physical world from the digital world, where it’s not as simple as just having physical possession of the actual atoms in the electron space – it’s different. So how do you fix the problem when someone who has your information, be it a bidder breach or –  there’s access still on your records, they could not use this information and pretend to be you. So when we’re thinking about how to fix that problem, how do you give a digital key to someone so that you have the data, plus the digital key, that can’t be faked, that gives and proves ownership. So the way it works in the real world is, for example, passports and driver’s licenses – these are forgeable. But to forge a digital key using the Blockchains, is I would say virtually impossible to do as well. Maybe you could argue, with quantum computing yes, that can be done. But today, right now, it’s virtually impossible. We know about cryptography.

[05:47] Alex: So why don’t we go into that in a little bit of detail? Without being too technical, I want you to describe this without using the word marquetry, if that’s possible, to describe how does Civic work and how is it that a Civic identity isn’t forgeable, and isn’t subject to fraud. How does it work? What’s the technical high level? What’s the technical way in which this works?

[06:13] Vinny: So right now today with Civic, what we do is, you come to the website, you know the use case, you download the app, the Civic app on the app store, you go to the app section that requires private information about yourself, and scan a QR code, so token management, or BnkToTheFuture, for example, and then we would go through the process of verifying you are who you say you are. So we ask you some questions, or we verify your phone number first, and your email address. And then we ask you what’s your full name, where do you live, and we actually have lookups against public records on this information. So we know for example, if your phone matches the phone number on a public record, then that’s probably you, if your email matches, that’s a good indicator as well. We can send a postcard to your house to verify you are who you say you are. So we go through a process at Civic of verifying, pretty much like a bank does, that you are who you say you are. At that point we’re placing placing attestations, which is basically us saying: we believe that this is you, on the Blockchain, and we are creating a private key so a Bitcoin wallet on your phone, which basically holds private keys – these keys are effectively cryptographic keys, which make it impossible to forge, it’s statistically impossible to forge. So we generate a seed, which generates the keys, put it on your device and now if you go and present that information, plus that cryptographic key, and it matches up with the Blockchain for it, it means that it’s you. So someone has to physically steal your device, hack into it, open it up, type in the pin code and passwords, whatever, to be able to then use that information elsewhere. You can’t just throw in a and clean the device, copy the information, you actually have to have physical possession of that device to prove that the information that we’ve ascertained about you is actually in fact you. So what Civic is doing right now, we are the only verifier in the market, and we did a token sale, and we’re building in a marketplace where out-of-industry incumbents, like banks, financial services companies, anyone could come to the marketplace and say, I trust that this is Alex, and he has a set of keys he can use the next time he tries to use our services. And if he provides the information, plus the key, we can trust that that’s him to a very high degree.

[08:31] Alex: And from there I’m guessing the eventually the identity itself is so robust that the next company or the next vendor that comes along doesn’t need to go through all the same work and can just use the Civic identity and trust that the information in it i accurate for the reasons you just described, is that right?

[08:50] Vinny: That’s correct. So let’s go for example, what we launched in October, is global age verification. So right now if you got to certain countries, there are age restrictions on certain website. Any adult material, tobacco, alcohol, you name it. There’s restrictions, and for good reason: you should be over 18 to order alcohol, or over 21, whatever it is. Now for these sites to verify that you’re over 21 on an alcohol purchase means that they have to take a copy of your driver’s license. So you have to stand in front of the screen, hold up your driver’s license, scan it, verify it. And this is costly for them; they pay even from 50 cents to about two dollars to do it. With Civic, we can basically allow you to scan a QR code, authenticate it using a thumb print on your phone, or even a selfie, and reduce the cost to 5 to 10 cents, making it really cheap worldwide. So now people can browse through websites and make purchases online using digital ID with authentication to verify their age. At that point, you’re not giving away all this information. You’re not saying, hey, my name is Alex, this is where I live, this is my address, this is all my information and driver’s license. Instead you’re saying is, hey, I’m over 21, let me in.

[10:00] Alex: So I guess if you were to break it down there are soft of two benefits of this, which is that there’s the the benefit for the individual, which is that their privacy is protected more than it would be in a world where there are versions of you spread out around hundreds of different companies and institutions that you interact with. But there also seems to be an economic reason for the company itself. The rough that here I guess is that you can reduce the cost by 90% from $0.50 to $0.05 or what have you. What are some of them big, like the biggest markets for this? If we’re not looking at it from an individual, but from a company, why would they want to use a blockchain identity system? Where can you remove the most cost and the most friction in the economy?

[10:49] Vinny: When we look at the space, it’s actually just an immense amount of opportunity for them, if you think about it, all the different sectors. In every sector, there’s a use case. Everything from, let’s look at travel, for example. When hotel operators have large gusts of people coming into the hotel to check in, it really messes up the hotel check-in schedule. They’ve got people standing in lines, they are late, they’re annoyed, but for legal reasons they’ve got to check the ID of every single person and that goes through the door. Imagine just being able to walk up to your room, authenticate your ID in your phone, and your door lets you in because you know exactly what room number you’re in. We’re at that point where that’s possible; a lot of the hotel chains right now, what they do is, when you go into check-in services, you still gotta go to front desk, you still have to show them your ID. And then they give you your digital pass, and that’s just crazy. And I’ve had to stand in line in New York hotels for like 40 minutes, even though I got my room assigned, and my phone opened the door, they want my ID a the front desk. These are some examples that we’re looking at and how I think we can make an improvement. The same with going through security in an airport: you bring out your boarding pass, you bring out your ID, and they have to scan both. You can cut lines 25 to 30 percent by only having one screen that you scan, and it’s more secure and it’s not like it can be faked. You look at the US, I think the TSA is blocking about seven or eight states IDs from being used from the 1st of January, because the security of all these physical IDs is not good enough. So, these are problems we can solve.

[12:17] Alex: Yeah, I think that is a great lead to two questions. The first one is, when it comes to buying alcohol, or checking into a hotel, or going through security, those rules exist because they were put in place by governments and by regulators. So in order to introduce a system like Civic, or any new Blockchain identity system that reduces this fortune, that reduces the need to show a government issued identity, don’t you need to get the regulators or governments on board? How are you thinking about that and how are you addressing that today?

[12:47] Vinny: So let’s think about it a little differently, and I’m using a simple use case. If an under-21-year-old gets caught in a bar and what’s the fine, like, 20 thousand bucks of something? There is a penalty for it, right? It’s typically a fine. What if we say to these companies, we will just assure you; we will guarantee that every single person who gets a Civic ID going through your bar, that you check and verify, isn’t underage, and if you get in trouble, we’re gonna identify you and pay the fee. Now that’s how you get past some of these laws, you actually just use commercial terms. Just say, look, we’re reducing the risks significantly, and we trust our systems and ourselves to decrease the risk. And so, if there is a regulatory backlash, or there is some sort of fine, we can identify you, and we can take insurance on this, you know, we’ve spoken to your insurance companies, we can insure the risk ourselves. But because he system is so much better than the existing systems today, and the risk of something like that happening is one in twenty thousand, one in fifty thousand, or one in a hundred thousand, it’s very low risk. And so therefore, you can actually commercially get past some of these laws; I’m not saying you can pass all of them, but once you start early adoption at those sorts of levels, where this is consistent, stable, and reliable – look, we’re not in this for a one or two year game, this is a ten year play. And so we’re gonna just keep hitting use case after use case and making sure that we can roll this off.

[14:11] Alex: I wondered about that though, because I don’t know what the rules are in California, but in a lot of places the law itself would state that you need to show a valid government ID if asked, and that a valid government ID – I mean, you could make the argument, that if the same attestations of a government ID are in a Civic ID, then it’s the same underlying data. And maybe that’s just a semantic argument, but I’m not sure that a police officer or a lawyer, you know, a state prosecutor, would see it the same way.

[14:42] Vinny: About that, that’s a fallacy. Often a law doesn’t state that, the law says that you have to verify the age is above certain limit. What people then do is, because they get hit by fake IDs all the time, they put up signs saying, we require a stage of government ID. So that’s if you dig into it. It’s just the business process of the companies themselves that force them, because you can go to certain places and buy fake IDs. Because they’re so common, to companies themselves put those rules in place, doesn’t have to be a law necessarily. In some cases they are, but in many cases, they’re not.

[15:17] Alex: So let’s talk maybe about some use cases where commercial terms would be insufficient. Let’s go back to the airport example. So, you know, the Department of Homeland Security is who is checking those IDs, and they are not incentivized by commercial terms. How do you work with government agencies, or is that to you not a priority today, and you’re looking at something lower hanged first?

[15:44] Vinny: We’re looking at lower hanging things for sure. It’s gonna take two years, three years, four years, to roll this out with governments. It’s just not a focus for us right now in terms of putting all our efforts there. Our efforts should be trying to make ID verification a reusable service for commercial entities and largely for online use cases right now, because that’s what makes the most sense. You know, you go to bitcoin exchanges, or cryptocurrency exchanges, you have top open up an account. That actually is  tedious process, it takes a long time to verify information, it’s very costly. If you’re a millennial and you want to be a driver for an Uber, or DoorDash, Lyft, et cetera, Postmates, you have to go through ID verification and driver’s license verification every single time. You may do it in the same three or four days, but you have to do it multiple times, and those companies, instead of just reusing a single ID, they have to do this research multiple times on the background. This needs to be resolved on the short term.

[16:56] Alex: So let’s talk about some more of those online use cases, if you don’t mind. So it sounds like you’re starting off by going after the community itself, that is probably aware of who you are and comfortable with managing their identity on their devices. Let’s just say not online – all use cases. How are you finding consumers are responding to this? The idea of having all of this information about themselves that they control. I think for a lot of people that’s very empowering, but for others it might seem a little bit daunting or overwhelming. Are you finding that that’s the case?

[17:39] Vinny: Look, I think people love the concept of being able to control their information. I mean, let me give you a hint of the long term effort for the company. What we’re trying to do is, we’re trying to get to a point where your information is never actually stored on a company’s server. So if a company has info stored on some sort of a virtual could-type service – If you look at IPFS, what they’re doing with Filecoin, et cetera (illegible)… I’m going, I don’t want to be part of this program anymore, I don’t want you to have my information, you can just revoke the access to that bucket. In the future, it’s very likely that companies will write the information to their bucket in real time. Essentially, they’re using some sort of cloud service to deal with customer information, so they can’t get hacked and lose the information. This is the way we would like to see it going.

[18:46] Alex: So regarding industries, you’ve talked about the Bitcoin, Blockchain community, sharing economy models, certain government use cases – what are the other industries and verticals that you are most excited to partner with?

[19:00] Vinny: I think e-commerce is big as well. I mean, credit forgeries right, worldwide, and so if we can verify someone’s ID – you know, one of the problems we have today is, if you go e-commerce, you’re from a different country, and you’re buying online, people are very hesitant to ship to your country. They don’t trust that they won’t be charged, et cetera. So this is one of the things we think we can solve. We can verify that it’s you and that’s your credit card, then we know that we can guarantee, at least to some extent, that it’s a legitimate transaction. So it helps solve e-commerce fraud as well. Also I think it’s taking the e’s out of using online services, and social networks, etcetera. How do you know the people are who they say they are? The one other category we’re very excited about is online dating. That’s a huge category. How do you know the person you’re talking to is a 28-year-old male or a 35-year-old female in San Francisco? You don’t! It could be a dog that you’re talking to, as the old internet meme goes. And so, we’re able to attach a Civic ID account to that profile and verify that that person is who they say they are. You can have a little bit more security. And this applies to things like shopping on Craigslist, et cetera. How do you know that the person is who they say they are? So we can solve that problem, and that I think opens up a whole new world of trust online. You’re on mute, Alex.

[20:29] Alex: So Civic is one of the leaders in this field, but there are lots of others that are trying to tackle this problem. So, is this going to be a scenario where it’s a winner-take-all, is it going to be that there are lots of companies, but they collect around a set of standards on what identity attributes are shared, how it works, and where it’s stored? Because that seems like a huge opportunity, basically, to empower individuals to control their own information? Could we end up in a scenario where that’s balkanized in different platforms, where there’s some people in ones, and some people in other things? How do you think about those challenges?

[21:06] Vinny: Yeah so, we’ve joined Microsoft’s dev for the Decentralized Identity Forum, and we’re all working, all companies, on just creating standards for all this. When we look at our competitors in the space, no one’s actually building any consumer brand, and they’re actually building the consumer on-brand thing, and interfaces, and that’s what Civic’s focused on. We’re focused on being the consumer brand, and we’ll be as interoperable as we need to be, but no one else is looking at creating a consumer brand and making to easy to actually use your ID information in multiple places. So that’s what we’re looking at, and we’re happy to be interoperable.

[21:43] Alex: So, one the things that I think also differentiates you is that you did a token launch for Civic, and for those who are not aware of this, token sales are becoming one of the dominant ways in which companies in this industry not only raise money, but also create communities and markets for their business. Your token sale was probably one of the best executed, I think, of the ones that have happened over the past six or so months. I want to spend a second on this, a little off topic but, what is your view on the phenomenon of so-called ICOs, even though I do think that’s a bit of a misnumber. But these token launches, what do they mean for the industry, and why was it that yours was successful and kind of orderly, and others have been kind of chaotic?

[22:37] Vinny: Look, I think we were orderly because we were very thoughtful about what we were trying to do, and we had the right incentives in place. So I strongly believe in incentivisation, I incentivise the company to do what’s right, I incentivise the people buying to be part of the (illegible)… – how do you think about distribution of tokens to as many people as possible? And just a sense of fairness in the process with Civic; Civic has a belief in being fair, we think that this is a part of us as a company. So we executed really well because we were very considerate about every single decision made, and it wasn’t always a apparent to the outside world why we’re making certain decisions, but we think overall, by large, it’s fair.

[23:32] Alex: You mentioned incentive. I think some project companies are doing these token launches to raise money, but you were actually doing it to create the market that you think will enable your company to grow. You started talking about incentives. So what role does the token play inside of this ecosystem? How is it that you’re getting people’s’ interests aligned to join this platform and build this app?

[24:02] Vinny: Sure, so what the tokens represent effectively, is a method of enabling smart contracting within our network, so here’s an example: if there’s a marketplace where you are a vendor, and you’re providing ID information, someone’s ID. And in that marketplace, what effectively happens is, someone can steal your information. I think this privacy breach is – you know, the same way when you go to a bar, and you show your government driver’s license, or your government ID, when you show that ID, the barman’s not really looking at the information or remembering it, right? And the good news today is that the DMV is not keeping check of the fact that you you walked up to a barman and you flashed your ID. Now in the online world, every time you use a digital ID, if somebody’s checking that, it’s a problem. Every time you use a digital ID, it’s a problem. And then the other issue is correlation risk. If someone is able to look up a profile and see all the different accounts that you have, or who’s accessing your identity, that’s a huge privacy violation as well. So we need, basically, a system of smart contracts, where people can get paid for validating your ID, but not know who’s using it and when it’s being used, and vice versa. So by doing it that way, by having this smart contracting system in place, we have essentially enabled a huge amount of privacy for people using our system, where you can use an ID, you can twenty companies vouching for who you are, you can swipe it at a door or whatever, and the person receiving it doesn’t know exactly who provided that information, but they can trust that it’s validated, and vice versa. And the money can flow between the two and they can better pay royalties and issue royalties, but in a totally private ecosystem.

[25:46] Alex: Terrific. Well, we’ve been chatting now for about thirty odd minutes, there’s some questions that have come in, so why don’t we start taking some from the people that are on the call. So here’s one, you mentioned the identity information would be stored in a mobile wallet. What would happen if someone were to lose or break their phone?

[26:06] Vinny: Good question. So the good news is, first of all, it’s just ID information, so you can recreate it and go through reverification process, but we actually enable you to backup your phone to iCloud, for example, and you can restore your phone later on, so you can get back into your phone. So you have to back it up, we recommend that you backup your information so you don’t lose it, simple as that. But the good news is, we don’t backup to our servers, we back it up to your DropBox or whatever else you want to back it up to – the reason for that is, Civic stores no information about you, so if Civic ever gets hacked, we have no information about you or anything else related to you, it’s literally always on your phone, and only on your phone.

[26:50] Alex: But in that scenario, if let’s say you’re backing up to some cold storage device that you lock in a safe, then it’s your data and you control it, but if you’re backing it up on iCloud or DropBox, if someone were to hack into that, could they not – is it almost like a pot of gold at the end of a rainbow, instead of getting tiny bits of you from different sources, they’re actually getting the whole kit and caboodle. Does that create concentration risk, if there’s this identity, or am I missing something?

[27:18] Vinny: Well, the good news is that all the information on DropBox or wherever, iCloud, can’t be decrypted by anyone other than you and Civic, using the Civic app. It’s basically a crypto file that no one can access, and you have to re-authenticate through Civic to reuse that information. And remember, it’s decentralized, so if we had 7 billion people, even if someone hacked one person, the rest remain secure. The way we look at it is, as much as all this is secure, there’s still a scenario where someone could force you to reveal your information. But then, it’s just one person, not compromising the entire network.

[28:02] Alex: Okay. Here’s a funny question, I think. Online ID verification for pornography sites could be a good market. Agree of disagree?

[28:21] Vinny: Well, I already mentioned that. I agree. I think where legal age is required, I think it would be a good thing, because it protects the young kids, first of all. If you’re over 21, you have the right to do whatever you want, if in your country it’s legal. Why should you have to show your driver’s license to show who you are if that’s something that is – it’s a privacy issue, right? You have the right to privacy in the US, and so therefore I think that it’s acceptable if you can prove you are over 18 or 21 or whatever the number issued, that you do so in a way which enables the privacy to control what you want in your personal life.

[28:58] Alex: So you mentioned – I have a different question that’s not one of the ones that people asked – but you’s originally from South Africa, Vinny. There are a lot of people in South Africa that don’t have access to basic financial services, and many of whom don’t have access to identity at all; according to the United Nations, there are two billion people in the world who actually don’t have a way to kind of attest to who they are. Now, I don’t want to sound like you’re running a business, but is there an opportunity here to help to solve that problem somehow for the world’s unbanked and unidentified? What could that mean for the world?

[29:39] Vinny: Absolutely. So this is a long term view though. In South Africa, there’s like, 48-50 million people, and I think everyone got their phone. So that’s a good thing. I think that eventually we’ll be at a point where we have digital IDs for everyone in the world on their devices. I think that’s exactly what we got here. It’s not going to be a smooth transition like it is for us, which is 20 people in an uproaring, solving a problem, but in the next 7-18 years, absolutely, that’s what we get to. I think long term, we get to a point where everyone in the world has a digital ID, and I’d like to see Civic on it.

[30:13] Alex: Question from someone here: is DNA one of the things that you will store in a Civic ID? I guess I’ll put it another way – are biometric attestations kind of part of the mix here, or part of the plan?

[30:30] Vinny: So if you wanted to store your medical records and whatever else on Civic, and we had a partnership with a hospital or a medical institute, yeah absolutely, we can allow you to store that information. Again, this is all your personal information, you choose what to store on that profile, and who you share it with. It sounds like storing biometric mockups for the purpose of authentication – so we look at the data storage now in 3D layers. We have data authentication, which requires the actual hardware to authenticate who you are, so for example, Touch ID shows your fingerprint on the actual chip on the iPhone. Then you have information about you, which we’re storing on the device that you’ve put in there. And then we have the verification, which is the attestation that we’re storing on the blockchain. So we separate the biometric layer from information and the attestations. And we don’t wanna store biometrics, because if someone gets a copy of your biometrics they can use it to prove or pretend that they’re you. So we don’t store biometrics for the sake of communication, but if you wanted to store your medical records, your DNA, you could do it, it’s just that we would need a good partner who was going to do the attestations that those are your biometrics.

[32:06] Alex: Great. Vinny, you and I have a mutual friend, her name is Katie Haun. And Katie was just until recently the department of justices, Blockchain and Fintech lead, She is a career prosecutor, and probably one of the smartest people in the world on this. And she said that Blockchains – so the notion that you can search an unalterable, uneditable record, can actually be an asset for law enforcement rather than a liability, which is what I think a lot of people think of when they think of Bitcoin; that it’s a tool used by criminals, while maybe it actually has aspects of it that make it easier for law enforcement to do their job. And she gave me one example when we spoke at a conference: she said there are 67 hundred different organizations in the United States that can issue a birth certificate. So when it comes to fraud, and you present a Massachusetts birth certificate in Hawaii, and in Massachusetts there are 200 counties that can issue one, how on earth is that Hawaiian person going to disprove that what you’ve shown them is in fact the actual, correct birth certificate? So I guess the question is, regarding the interaction of Civic and law enforcement, two sides of it: could this help to reduce the amount of fraud, and I think you’ve sort of made that point clear, but I wouldn’t mind expanding on it a little bit. But the other thing is, could law enforcement compel people to hand over their Civic identities, if they were investigating a crime? How does that work within the context of the privacy regulations? So maybe do both if you can.

[33:46] Vinny: So obviously we want to digitize birth certificates and everything else and make sure it’s available on your Civic account. I also saw someone ask the question about the criminal record. The thing about Civic is, you store what you wanna store on your profile. If you don’t want it there, it’s not there. So it’s always user controlled, so  if you have a criminal record, and this is exactly the thing we thought about as well, we want everyone to have a Civic ID. It should not be limited to just – every human being is entitled to one. Can governments compel you? Well, if they put you in a room and lock you up and they force you, and they are able to take your fingerprint and authenticate and take your data off your phone, there’s not much anyone can do at that point. Now yes, absolutely, there are risks to it: you can have multiple layers of authentication in it, you could have a secret PIN that no one else knows. At the end of the day, when it comes to coercion, there’s not much you can do. If someone holds a gun to your head and says give me what you have, it’s one of the scenarios we can’t prepare for. It’s just a fact of life. You will do anything to save your life, give up whatever you have, whatever money, files on your phone, your passport. That’s a difficult question to answer, but in theory, no, you should be storing information on your device that you think is relevant to your identity as a person, and is of use to society for good, and there are some safeguards we have in place, so for example, there’s no way, if someone hacks a site that’s using Civic credentials, and you haven’t given your name for example, but you verified your age and your birthday and other bits of information, there’s no way that they can try and get it back to you, and if you go to five different sites and they all get hacked, they can’t actually connect the information. We use unique identifiers on these sites, and we don’t even know who it is. So there’s no way of us being able to disclose that to anyone else. Put it this way: as much as possible, we’ve built as many safeguards into the system – there’s no trail on the Blockchain for using Civic, the way we designed it is, technically, it’s done in such a way that there’s no records, there’s no trail. So we’re using the Blockchain for the security and identification side of it, but we utmost respect the privacy – we are a data privacy company. We don’t think that there’s any other way of doing some of these things, but again, we can’t solve for the investigation scenario. We can make sure we protect as much as possible but there are some things we can’t do.

[36:37] Alex: Understood. I have one other question, and then we’ll go back to the questions, which is that your token sale was done – not to get too technical, but basically the token sale was done on Ethereum, but ultimately you view yourself tying into this thing, Rootstock, which is connected to Bitcoin network. So from a technical implementation standpoint, why the choice to do one and then the other? Why Rootstock? Why Bitcoin? Help people understand, basically, why tying into that network is essential to your business.

[37:12] Vinny: When we started building Civic, Ethereum wasn’t even around. It was still in the concept stage. At the end of the day, we are a Blockchain agnostic, so we could move to another Blockchain, we could use multiple Blockchains. We just don’t see the need for it right now, and we are looking, obviously, Bitcoin has some issues right now with the split, potentially another split. We will keep an eye on that, but our technology is totally agnostic as to which Blockchain we use, but we want a Blockchain that’s got system resistance, so we want one commonly manipulated, commonly modified type of chain, so immutability is key for us. So that’s why we got Bitcoin, and we’re staying with Bitcoin. We’re using Rootstock because again, if we host it on Bitcoin, then the whole platform is on Bitcoin, and so when it comes to Rootstock, what they’ve done is basically taking Ethereum and kind of put it in Bitcoin, so we don’t have to build a bridge to Ethereum as well, we can do it natively. So just for technical reasons and simply market reasons, we decided to stick with Bitcoin. Then again, we could go elsewhere, we would have to have a very good reason to go elsewhere.

[38:23] Alex: Great. So, I think there are a couple folks here wondering if they were to use Civic as a vendor, how long does it take to set up, what’s the process, how does the token play into it/ Like, how do you onboard someone and how does someone start using this as a service?

[38:42] Vinny: So if you want to start accepting Civic accounts, email partners@civic.com. We’re onboarding people slowly right now, just under twenty in the past month, which is quite slow. We’re going to increase that. And by the way, those twenty represent about two hundred and fifty million active monthly users worldwide. So they are onboarding with us right now, it’s quite big for an interface building app. And then over the next month or so – we’re also building an onboarding system that can make it really easy for anyone to sign up and become a Civic partner. And then in terms of the tokens, those are only usable in six months time, once we launch the marketplace, but for now they are available and they are trading on Bittrex, for example.

[39:22] Alex: Terrific. And one of the things on your crowdsale, which is that –  I believe that you made everybody open a Civic account to participate in the crowdsale. How many users did you get doing that?

[39:37] Vinny: Twenty or thirty thousand. It was great.

[39:41] Alex: That’s good customer acquisition strategy! People might choose to adopt that in the future.

[39:48] Vinny: It was great, it was good footing for us as well, so we learned a ton about the people, and people always see how they can use it, and this is really cool, I’d like to use it elsewhere, we have other companies now using it as well. Will be announcing some of these soon.

[40:04] Alex: Terrific. Well, I’m just gonna go through the questions, make sure we didn’t miss anything here. We’ve got a couple of minutes left. One question that someone asked was regarding the regulatory environment in different countries. You know, basically, how in Europe there might be more strict privacy laws, and in a place like China, the gun to your head is the norm, it’s not an exception or a crime, so you have to divulge everything. So from your perspective, as a business builder, and you’re thinking about your role, what are the markets, geographic markets, that you’re most interested in at this particular point in time?

[40:41] Vinny: Right now, I think obviously, US, UK, Canada; English speaking countries. But we’re launching age verification as a global solution, so we’re actually – I don’t know the final country cap, but in theory, by the end of the year, we should be in over 100 countries. October may be a limited set, but it should be over 100 countries. So we’re trying to get to over 100 countries before the end of the year, and that basically allows us to do age verification globally for websites. And I think the UK’s bringing in laws that assume that for all sites you have to be over 21 or 18 or whichever it is, and they have to do age verification on every single site, every company that’s trying to serve that market needs verification. And again, age verification is just a basic thing, even to get on websites, a basic requirement. Like, hey, is this person the age that they say they are? We think that this is pretty big for us.

[41:42] Alex: So someone had one question at the end, and I think we answered it, but I want to make sure it’s perfectly clear. The question is, is only the information required for use disclosed? For example, if age verification is required, only age is disclosed. If I go to the doctor, only medically relevant information is disclosed. How do you answer that?

[42:00] Vinny: That is correct. We have different levels of access – you can actually do an anonymous log in on a device, so you can log in with either your email or your phone number. There’s a unique identifier, which means you can’t do it multiple times, but they can at least check that it’s you without knowing anything about you. You can also say, I’m over 21, and I’m anonymous, and no one knows who you are, but you’re over 21, the same way. You can also go to a cancer patient website and say, here’s a medical record proving I’m a stage three cancer patient and not give any other information about you, and all they know with that unique identifier is that you are verified and have cancer stage three, and they’ll let you into the forum, and you can talk to other people with the same stage cancer and not be someone pretending to have a disease they don’t have. It’s actually quite sad, if you have people going to these forums to prank people, and they don’t actually have the medical condition. And so I think this is another area I’m quite interested in, proving private medical conditions in an anonymous world, allowing you to actually get the support you need without having to jeopardize your identity in the process.

[43:07] Alex: That’s great. Well, it looks like there are no more questions and we’re at the 45 minute time slot. Vinny, I’d like to thank you on behalf of the Blockchain Research Institute ™ for joining us. The background behind me is of a mountain and trees, but it’s actually just a poster. I’m in an office building. You, on the other hand, are sitting in a lush tropical paradise, so thanks for taking the time off to be with us today in that environment, we are particularly grateful. And to everybody else who has joined us on this call, thank you very much. This has been a terrific discussion, Vinny, we really appreciate it. For everybody else, our next webinar is going to be held on September 6th.

Related Content

Webinar: Blockchain, Artificial Intelligence, and the Battlefield of Things

Colonel James Allen Regenor (Ret), CEO of VeriTX Corp., and Brigadier General Blaine Holt (Ret), former deputy US military representative to North Atlantic Treaty Organization, discuss the nature of cyberthreats and opportunities to use distributed ledger technologies in combination with other digital innovations to protect lives and assets. It’s about the trivergence of AI, IoT, and blockchain in cyberwarfare. Topics include logistics under attack, adversarial logistics, Estonia’s use of data embassies (an excellent model for safeguarding global enterprise assets), fortifying government data pipes, and managing multi-domain operations where outerspace is a new domain for military and enterprise.

Read More

Cosmos and Polkadot for the Enterprise

This project explores one of the most critical implementation challenges of blockchain technologies: interoperability. Enterprise uses are reluctant to tokenize their assets or invest seriously in decentralized finance and digital asset management capabilities without assurances that they will be able to move these assets across blockchain platforms. What if chosen platforms fail? What if better platforms emerge? Some of the best minds in the space are addressing these issues head on with a range of innovative solutions. This project features two of them: Cosmos and Polkadot. It looks at their origins and ethos, architecture and core technology components (including the role of their native tokens ATOM and DOT), consensus and governance, and the applications already using them. Finally, the author reviews what enterprise decision-makers need to know as they weigh their options.

Read More
Subscribe