Trust and the blockchain: a marriage made in heaven, or a divorce waiting to happen?

The story of a blockchain that may not break, but will bend.

Blockchain graphic
Thinkstock

If you’re of a certain age, you will remember the dot-com revolution back in the day. I remember sitting in a meeting with the CEO of the company I was working with at the time. He sat across the table with about five of us and stated: “I want a dot com spin on our company – how do we do it.” Everyone wanted in on the dot-com act. It was seen as a major money maker, it didn’t matter if you had an angle or not, you had to do it to demonstrate true innovation in your organization.

Dot-com fell hard, like revolutions and empires before had fallen. But out of its ashes emerged a brave new Internet-based world.

Fast forward to a world where new technology seems to roll off the tongue; if it’s not the IoT, it’s machine learning. And the misty world of the blockchain is now part of this, reminding me of the dot-com days...but only to an extent.

Blockchain is not hyped, it’s hyper. It’s like a gold rush the way everyone and their digital dog is riding the chain. As expected, this has caused a backlash by many folks who are long in the tooth and have “been through all of this before.” However, this does not mean that blockchain is smoke and mirrors. Far from it. I believe that blockchain technology is one of the best and most innovative updates in our tech stack to date. I may be lambasted for saying that, but I don’t care. I am saying this from a standpoint of having been there, done that, and seen the power of the chain.

Bear with me while I tell you the story of a chain that wouldn’t break, but would bend.

Trust in links and BitCardIDs

One of the anti-claims thrown at the blockchain is “it is misunderstood and cannot add trust into a transaction.” This is true. The blockchain is not something that intrinsically builds trust. However, as a technology, it can carry trust and make it accessible. What do I mean by that? Here’s an example:

A government service goes through the process to verify citizen K’s eligibility for an identity account. The process has a blockchain feature that anchors verified attributes, and a verified status claim, using blockchain technology.

Citizen K now has an immutable record of verification. Immutable, but up-dateable, to be precise. Trust works, not just both ways, but all ways. The government itself, is a trusted brand, a recognizable "face" representing citizen rights (or at least let’s assume so here). The government now, having done a job of verifying that person and registering a blockchain ID for them, can allow, as a citizen service perhaps, Citizen K to use their verified ID with another party, let’s say, Bank B.

Citizen K needs a bank account with Bank B. They already have a verified identity, registered on the blockchain. Any updates to their status are also held there. Citizen K also has a series of ‘BitCardIDs’. These digital cards, held in an online or mobile wallet, are a visual representation of their blockchain attributes.

BitCardIDs ‘productize the blockchain’ for us mere mortals to use

Citizen K can choose to share BitCardIDs with Bank B. Bank B uses these cards to query the blockchain and find Citizen K has been verified by a trusted party – the government. A new bank account is now opened.

The Blockchain is part of a multi-party system based on trust and verification. The user has built up trust by being verified by a trusted party. They share that trusted identity with a third party, who can trust it because a chain of trust has been delivered. Through this process, the individual can see a virtual representation of their digital self – the blockchain and BitCardIDs being a conduit for delivery and…trust.

But trust can change, and it’s important that any blockchain based entity is updated to reflect this. Blockchain entries are immutable, but events can be updated. The chain is a history of who you are, just like in real world life events.

Accessible links, privacy and the Human

When privacy starts to be called out as a competitive advantage you know you have to embrace it. But privacy, or lack of, is another ball of dirt thrown at the use of Blockchain for identity. But it doesn’t have to be. There are methodologies within the structure of a blockchain that let you create a system based on minimal disclosure – you can prove the validity of who you are, how much you earn, and that you match KYC requirements, but in a way that retains privacy, whilst disclosing the salient points. With blockchain and distributed ledger technologies that are verified identity linked, you have a neat way to control access, based on minimally disclosed user claims.

In the end, security, privacy, and identity, are about human beings. Be it the blockchain, or any other technology, ultimately a human being sits operating some part of it. Blockchain technology gives us a new way of carrying data, and new methodologies for building trust and making a human being central to their own story. Blockchain doesn't fix all ill, but it gives us a handy tool in our technology kit if we use it wisely.

This article is published as part of the IDG Contributor Network. Want to Join?

NEW! Download the Winter 2018 issue of Security Smart