Humanising identity in the crypto world

The importance of the seamless user experience is a common denominator associated with large scale adoption technologies.

Where the overarching functionality becomes a simple ‘by-word’ to describe the technology of which that user experience is subsequently built on.

Denoted upon the familiarity by which consumers then become accustomed without even thinking about the underlying technology itself. Think Email (SMTP); contactless (RFID) or the number of times we have directed ourselves to retrieve knowledge by simply ‘Googling it’ (Search Engine Optimisation).

The importance of that humanising element is what our Associate Member, Sekura.id, focusses on. More pertinently around the catalytic role that Mobile Identity could play in offering that user experience and ‘real-world’ familiarity for the blockchain. 

We cannot ignore the crypto phenomenon 

One of the most critical elements of this crypto world is the human aspect to this: there are more than 420 million crypto users globally and around 18,000 businesses now accept a form of crypto-based payment  with reliance on some form of blockchain technology.

Although there is no technical need to have a deep dependence on a blockchain technology for a cryptocurrency to become functional,

many of the cryptocurrencies use blockchains, making these the main use case for blockchain technology, at least at the moment and for the near future: Bitcoin using the Bitcoin blockchain, Ether using the Ethereum blockchain, Solana uses the Solana blockchain and Dogecoin uses a fork (essentially a split in the blockchain network) of a fork of a fork of the Bitcoin blockchain.

Now the important question: how does identity work in a blockchain? How is “someone” identified in the blockchain? That’s where cryptography comes to the forefront as the answer and hence the term ‘crypto’ – that “someone” is identified using cryptographic keys.

When Steve Jobs said, “Technology should either be beautiful or should be invisible”, he was likely referring to the humanisation of technology. Here is a sample private key which Identifies a Blockchain user:

 

E9873D79C6D87DC0FB6A5778633389F4453213303DA61F20BD67FC233AA33262

 

It clearly is neither beautiful, nor invisible. Cryptographic keys are not for humans, they are for machines. There is absolutely no argument on the security aspect of using crypto keys to identify the users, but we know the balance between security and convenience is critical for the technology to have a world-changing impact, and when given a choice between convenience and security – the users generally lean towards convenience, sometimes subconsciously.

It is unfair to expect the user to understand the full implications, especially when the technology is not humanised: the implications are beyond the academic and conceptual paradigms. The crypto world was shocked to witness the seed phrase (a cluster of random words generated by your crypto wallet used as an emergency back-up) phishing hack on one of the very popular cryptocurrencies, IOTA, a few years back. The IOTA hacker exploited the fact that the crypto keys are not really humanised and offered the unassuming users assistance with managing keys for free through a seed generator, with the goal of stealing private keys (seed) of the genuine users.

Invisible and seamless humanised technology nicely balances the much sought-after twin dimensions of security and convenience. We almost forget that we have been using such a technology for a long time, and that at least five billion of us use this technology many times every day: – it’s the mobile network technology.

  • Adding the user experience onto the functional/ technological layer – ‘Mobile Identity’

Cryptography has been at the core of the mobile network technology from the first mobile network service ever used, still the cryptographic keys are invisible to the user – humanising it to a great extent. The SIM card (including the recent evolution into eSIM) contains cryptographic keys which are critical to the identity of the user, through the possession and control of the SIM card; the “I” in the SIM is for ‘identity’ after all.

Most users are not even aware of the existence of the cryptographic keys sitting nicely in the SIM, and that there are complex crypto dances going on to make the mobile network manage that identity. The identity of the user is managed using several cryptographic keys including the 128-bit Ki (authentication) key in the SIM. Added to that, the mobile network makes sure it knows if any changes have happened to the SIM – which is the cryptographic key manager.

If the SIM has been swapped, including if the user loses the mobile phone with the SIM, then the disablement of the SIM card – along with the cryptographic keys inside – is just a phone call away to the mobile operator’s customer service department. This is Mobile Identity – humanising the cryptographic technology for identity since the very first mobile network call made.

In the mobile identity world, the user is equipped with more humanised identifiers like the mobile phone number, although it can still be argued that the mobile network does not even need to ask the user, “Hey, what’s your mobile phone number?” to identify them, it does so invisibly.

The obvious question that comes to the forefront now is, “Can we not reuse the same technology used in mobile identity to seamlessly identify and authenticate the user in the crypto world, thereby humanising the crypto world?”. The answer is a resounding, “Yes”.

Solutions which utilises the mobile devices with the SIM inside and the omnipresent mobile network; like Mobile Authentication do exactly that, where the invisible authentication of the mobile network is reused for the extended purpose. Additionally, there is the same great opportunity in using the SIM as the humanised technology component to manage the cryptographic keys for the crypto world – as it has been doing silently, invisibly, and very efficiently for many decades now.

Let’s humanise the crypto world, Mobile Identity is already here to do that.       

Get in touch with partners@sekura.id to discuss how to prevent APP fraud before it happens.