Blinking: Trusted Digital Identity Solution

Nikola Milinković; Miloš Milovanović; Miroslav Minović; Aleksei Migitko; and Andreja Velimirović, Blinking

IEEE Blockchain Technical Briefs, December 2018

The world is becoming increasingly digital. Digitalization and automatization of different aspects of our lives have grown to become the undisputed facts of this era. These two interlinked trends are forcing more and more people to communicate, exchange and conduct business online.

Nonetheless, there is no established, reliable, and universal way of creating, handling and confirming the digital identity of people in the online environment. At its most rudimentary level, an identity can be described as a set of personal characteristics which both define an individual and uniquely distinguish him or her from other people.

As a way of officially confirming our identities, we've grown accustomed to using government-issued documents, like IDs, driving licenses and passports. Without them, proving who we are is nearly impossible.

Further complicating this arrangement is the fact that our world continues to blur the line between digital and physical reality. The need for verifying identities online has grown exponentially over the last decade, yet we've made little to no progress in standardizing digital IDs. Instead, the new protocols mesh with already suspect processes of offline verifications and demand scans of official documents, yet again forcing our hand to use IDs and passports.

Just imagine how useful the creation of dependable digital identities could be if turned into a thing of reality. Shopping online would be the least of what we would stand to get - an individual’s digital ID could be used to vote, file taxes, withdraw funds from banks, register property, take out loans, comply with government reporting requirements, provide evidence of education, store medical records, collect welfare support, and much more. Standardization of trustworthy and secure digital identities would truly revolutionize the way our world functions.

So, why has the realization of digital identities been such an insurmountable challenge to overcome?

Authentication, the confirmation of someone's identity, and authorization, the granting of access to one's identity, both rely on establishing the correct identity. This is usually done by something that people know, have, or are. Usernames and passwords represent a useful but insufficiently safe way of protecting private data [1], as they are something people know. Systems that require a higher level of security (e.g. banking services) usually combine the aforementioned modality with something that people have (smart card, mobile device). Lastly, there are systems which combine these two approaches with something that people are, exemplified in the use of biometric data.

The problems with utilizing biometric data for identity purposes are twofold. Primarily, it's not possible to establish identity with 100% confidence. Secondly, it's not possible to revoke access to biometric data once it has been provided.

A solution to the first problem can be found in using multi-biometric and multi-factor authorization in order to achieve a higher matching confidence. The solution to the second problem has up until now lain in the fact that people had to rely on and trust the organisations and businesses storing and handling their personal data. However, in the case of blockchain-based technologies, the solution to the second problem could lie in the architecture of a system which is engineered in a way that does not provide businesses with access to biometrics and instead keeps access and control always in the hands of the end-users.

We are now reaching a point at which standardization of trustworthy digital identity is slowly starting to look plausible. Blockchain technology and its unique infrastructure are offering us intriguing solutions to the aforementioned problems. There are now different approaches to utilizing it. Currently, each is solving a particular or specific problem with DIDs, but perhaps a select number of them could offer a complete solution.

The core issue in creating reliable & secure digital identities also lies, conceptually, in the “double spend problem”, which is inevitable in the case of digital goods. This problem wasn't solved until recently, when Satoshi Nakamoto provided a theoretical solution and we witnessed the proposition in practice in the use-case and growth of blockchain technology. According to a survey done for the “Innovation in Retail Banking 2017” report [2], financial institution executives gave the highest priority for the use of blockchain technology to digital identity management (23%).

Besides enhancing security in conjunction with other cryptographic pieces of software and bypassing single points of failure, blockchain can also upgrade system scalability due to programmable smart contracts and open the door to a plethora of other properties limited only by the ability of the person coding the application. Thanks to its core features, blockchain can ensure that digital identities are stored in a secure and incorruptible manner. They provide us with precisely what we needed in order to make electronic IDs work - the technology necessary to instill security and trust in digital identity applications.

There is clear evidence that the market is in need of a reliable, secure, yet simple way of confirming the (digital) identities of a large number of users. Usernames & passwords, and even 2FA (Two-Factor Authentication), are showing their inadequacies, and we see more and more proof [3] [4] in support of the thesis that they do not represent a reliable way for users to protect their private data. Businesses are losing their users' trust because their names are often in the media as victims of data breaches or thefts. It has also become clear that not only businesses but entire industries require a secure way for their users to verify and authorize access to their private data. The need arose not only from a moral obligation but also from legal or regulatory obligations imposed on businesses by global or supranational organizations and institutions.

Why blockchain?

We at Blinking had our minds set on proving that blockchain-based technologies could indeed play a powerful role in creating a secure, portable, personal solution to the digital identity problem at hand. We hold that digital identity is something every individual should have control over and that access to private data is not something to be taken lightly.

Blinking is a multi-factor [5] identity-management tool based on the Hyperledger Fabric blockchain [6] and IBM Cloud infrastructure and services that aims to essentially take over the role of offline IDs. By allowing users to upload their personal information onto a private blockchain, Blinking grants us something we never really had before - a trustworthy method of digitally verifying our identity.

It gives businesses a complete digital identity management solution for the problems of authentication and authorization of user identities as well as a “Know Your Customer” process tool and storage system in line with the latest and most stringent regulations regarding private user data handling. All the while Blinking makes sure the ownership and control of user private identities and data is in users’ hands.

Relying on blockchain's infrastructure, we've created an environment that fosters security as a priority. And by creating a system that insists on biometric scans for identity verification, we've eliminated the fear of trusting the wrong person online, turning Blinking into a valuable KYC tool.

Identity and authentication privacy

One particular question being raised in the case of Blinking is the question of user identity privacy and authentication privacy. We hold the principles of data privacy and data security as the primary reasons for building Blinking. In fact, our mission is to create innovative & practical software solutions for digital identity management and the protection of personal user data.

All personal data is stored in secure distributed data storage. All data is encrypted at all times using a built-in network encryption mechanism. Data is signed, and the signature is stored in the ledger. Every decryption needs to be authorized by the network, upon checking the identity of the request issuer. The key management algorithm is protected and run in a secure environment. Upon each decryption of the data, signatures are compared to ensure that no tampering with the data has occurred. After the data is used, a new set of keys is generated and the data is re-encrypted to prevent any data breach that might occur through compromised server memory. The entire process of data management and authorisation over the network has been filed for patenting through several claims before the European Patent institution.
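The sign, verify-before-decrypt and re-key cycle described above can be sketched as follows. This is an added example, not Blinking's patented mechanism or code: the `Vault` type, the in-memory fields standing in for the data store and the ledger, and the choice of AES-GCM and Ed25519 are all assumptions, and the network's authorization of the request is left out.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Vault (hypothetical): Blob models the data store, LedgerSig the ledger entry.
type Vault struct {
	key, Blob, LedgerSig []byte
	signer               ed25519.PrivateKey
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err) // RNG failure or wrong key size: not recoverable here
	}
	return v
}

// seal encrypts under a brand-new key and records a signature over the blob.
func (v *Vault) seal(plain []byte) *Vault {
	buf := make([]byte, 32+12) // fresh 256-bit key and 96-bit GCM nonce
	must(rand.Read(buf))
	aead := must(cipher.NewGCM(must(aes.NewCipher(buf[:32]))))
	v.key = buf[:32]
	v.Blob = aead.Seal(append([]byte{}, buf[32:]...), buf[32:], plain, nil)
	v.LedgerSig = ed25519.Sign(v.signer, v.Blob)
	return v
}

func NewVault(plain []byte) *Vault {
	seed := make([]byte, ed25519.SeedSize)
	must(rand.Read(seed))
	return (&Vault{signer: ed25519.NewKeyFromSeed(seed)}).seal(plain)
}

// Use decrypts only if the blob still matches the ledger signature, then re-keys.
func (v *Vault) Use() ([]byte, error) {
	if !ed25519.Verify(v.signer.Public().(ed25519.PublicKey), v.Blob, v.LedgerSig) {
		return nil, fmt.Errorf("blob does not match ledger signature")
	}
	aead := must(cipher.NewGCM(must(aes.NewCipher(v.key))))
	plain, err := aead.Open(nil, v.Blob[:12], v.Blob[12:], nil)
	if err == nil {
		v.seal(plain) // new key, new ciphertext, new ledger signature
	}
	return plain, err
}

func main() {
	v := NewVault([]byte("constructed sample record"))
	plain, err := v.Use()
	v.Blob[20] ^= 1 // simulate tampering in the store
	_, tamperErr := v.Use()
	fmt.Println(string(plain), err, tamperErr)
}
```

Because every successful `Use` replaces the key, the ciphertext and the recorded signature, a key captured from memory during one use no longer decrypts the record that is stored afterwards.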

The same process applies to authentication privacy. Blinking has a unique way of handling users' digital identity. Our system lets people establish an identity in a way that is closest to the way this is done in real life. We usually establish one's identity according to something people are, have and know. Our system honors all these features of a person's identity, ranging from biometric features, through possessions (devices), up to what they know (passwords, tokens and similar). The uniqueness of Blinking can be seen in the degree of anonymity needed in the relationship between end user and service. If the system requires full disclosure of one's identity, this can be done through a formal KYC procedure in which the user still retains insight into who accessed and used his data, why and how, and is able to manage who accesses his data and how, and to revoke that access. This of course depends on the data and business scenario. If a user is legally allowed to exit the system and even erase all his data, we don't see an issue there. There are however some regulatory, country-dependent hurdles to providing users with the possibility and right to unilaterally delete their digital identities.

Competition differences

If we compare current Blinking competitors, we see that none of them offers the full digital identity solution for businesses: digital identity management, KYC process, and secure storage.

Then there are issues with public blockchains being used to solve the problem of digital identity. Not having control over network participation would exclude serious businesses from being involved in the network. Public blockchain technology has many downsides when it comes to establishing a good quality digital identity model. Public networks are usually low in performance, smart contracts are generally limited and the overall architecture is complicated. The physical location of peers cannot be controlled. Digital identity can hardly be established without formal procedures executed by formal institutions and businesses. Even in real life, to establish identity a person needs assistance and confirmation from government and other institutions. Additionally, building a business model on a public blockchain network is unviable. It would be very hard to operate a business, stay flexible, add new features and adapt the solution to actual market needs.

Private holds the promise

In contrast, relying on a private blockchain solution makes a lot more sense. To that extent, Blinking relies on Hyperledger, a Linux open-source project for building high-quality, enterprise-ready blockchain solutions. For the Blinking digital identity management platform, we opted for Hyperledger Fabric. It is a very well designed solution that has a good balance between simplicity and the features needed to build a high quality business solution. Performance-wise, Fabric shows the ability to match the responsiveness of traditional transaction-based systems. IBM is one of the biggest contributors to Fabric. They offer serious support in establishing infrastructure to host Fabric solutions. In many respects this relieves our team of the need to focus on that segment and lets us focus on our expertise.

This formula seems to be working in the Blinking case. Aside from becoming an IBM business partner and a member of the Hyperledger community, in less than a year Blinking has moved from the idea phase to a fully working product, with all three modules being improved rapidly according to an agile approach. After showcasing the Blinking use case of kiosk integration at CeBIT Europe 2018, the main focus was the preparation of the pilot testing phase. In this phase, several leading international bank branches will test the digital identity management system and the KYC tool and process in an enclosed environment. Alongside these achievements, there were many more in recent months. However, the most important fact to note is that the patent for the Blinking system has been filed at the European level and is currently pending under ref. No. EP18186310.1 of 30th July 2018, under the name “Authenticating Client over Network”.

Regarding the development of the product, Golang was the programming language of choice for the implementation of the chaincode (smart contracts) [7]. The modules represented in the software code support the full process of user registration and user authentication. As middleware, we opted to use Node.js to hold the code that provides the Fabric API for communication with Hyperledger Fabric.

Authentication and authorization of digital identities in the case of Blinking rely on two biometric modalities (fingerprint scanning, face scanning), with the possibility of adding further ones (voice, iris, gait). These modalities were developed and based on the exemplary academic achievements in the field. It is also possible to employ different vendors and include their algorithms on a service model basis.

There is clear interest in both the product and the business. On the business side, future development involves responding to similar but slightly different industry needs, as well as scaling the business. On the product side, handling a greater number of business consortia and adding business-specific modalities will be among the goals while polishing the product. Future development in the following years will in turn involve research into possible applications of Blinking in other industries, as well as the enablement of new and innovative cross-industry business models that require or rely on the successful establishment of digital identity.

Fully functional and tested on Hyperledger Fabric, a private blockchain platform, Blinking represents a good step forward when it comes to standardizing digital identities. As it enters the pilot phase with some of the leading banks and businesses, a demonstration of the system in practice awaits. We might find out soon just how much potential there really is behind the promising blockchain technology and how much we stand to gain if we continue to work on its development.

References

[1] “Passwords are Obsolete” – Justin Balthrop, Medium; https://medium.com/@ninjudd/passwords-are-obsolete-9ed56d483eb

[2] Jim Marous, DBR Media, “Innovation in Retail Banking 2017”, DIGITAL BANKING REPORT, Issue 251, pp. 66, 2017.

[3] World's Biggest Data Breaches - http://www.informationisbeautiful.net/visualizations/worlds-biggest-data-breaches-hacks/

[4] Biggest Data Breaches of the 21st Century - https://www.csoonline.com/article/2130877/data-breach/the-biggest-data-breaches-of-the-21st-century.html

[5] Multi-factor authentication; Wiki -  https://en.wikipedia.org/wiki/Multi-factor_authentication

[6] Hyperledger Fabric; Read the Docs - https://hyperledger-fabric.readthedocs.io/en/release-1.2/

[7] Chaincode - https://hyperledger-fabric.readthedocs.io/en/release-1.2/chaincode.html

Nikola Milinković is a digital marketing expert with several years of experience in the field working in corporations, agencies and startups. From studying political science, digital marketing and personal interests in gaming, computers and innovative tech solutions led him into the startup world.

Miloš Milovanović is a teaching assistant in the School of Business Administration and a member of the Laboratory for Multimedia Communications at the University of Belgrade, Serbia. His research interests include biometric technology, with a specific focus on human gait recognition. Milovanović has a PhD in information technology from University of Belgrade. He is a member of IEEE. Miloš is the co-founder of Blinking.

Miroslav Minović is a professor in the School of Business Administration and a member of the Laboratory for Multimedia Communications at the University of Belgrade, Serbia. His research interests include biometric systems, multimedia, and HCI. Minović has a PhD in information technology from University of Belgrade. He is a member of IEEE. Miroslav is also the co-founder of Blinking.

Aleksei Migitko is a serial entrepreneur and blockchain engineer and practitioner with over 12 years of professional IT industry experience in various areas including: complex payment-related solutions, online games & blockchain development, business operations and business development. He has held C-level positions in several IT companies with the focus in aforementioned fields. Aleksei is also the founder of Blinking.

Andreja Velimirović is the young magician with words, content marketing expert transcribing the important ideas of today into words non-engineers can understand. He is the devoted writer in the Blinking team.

Editor:

Zheng Yan is currently a full professor at the Xidian University, China and a visiting professor and Finnish academy research fellow at the Aalto University, Finland. She received the Doctor of Science in Technology from the Helsinki University of Technology, Finland. She authored and co-authored about 200 peer-reviewed articles, 8 conference proceedings and solely authored two books. She is an inventor of 60+ granted patents and PCT patents, all of them were adopted or purchased by industry. Some of her granted patents are applied in international standards. She has given 20 keynotes and invited talks in international conferences and universities. Her research interests are in trust, security and privacy; data mining; mobile applications and services; social networking and cloud computing. Prof. Yan serves as an organizational and technical committee member for more than 80 international conferences and workshops. She is an associate editor of IEEE IoT Journal, Information Fusion, Information Sciences, IEEE Access, JNCA, Soft Computing, IEEE Blockchain Technical Briefs, Security and Communication Networks, etc. and a special issue leading guest editor of ACM TOMM, Future Generation Computer Systems, Computers & Security, IJCS, MONET, IEEE Systems Journal, etc. She is a founder steering committee co-chair of IEEE Blockchain conference. She is organizing and has organized 10+ conferences, such as IEEE Blockchain 2018, NSS/ICA3PP/IEEE CIT2017, IEEE TrustCom/BigDataSE/ISPA-2015, IEEE CIT2014, etc. Her recent awards include a number of Outstanding Leadership Awards for IEEE conference organization; the 2017 IEEE ComSoc TCBD Best Journal Paper Award; Outstanding Associate Editor of 2017 for IEEE Access; EU Eureka Excellence Award (2017); Best Individual of Shaanxi Province from Abroad (2014), “100 Expert Plan” winner of Shaanxi Province, China (2011); Sisu Award of Nokia Research Center (2010); EU ITEA Bronze Achievement Award (2008). She is a senior member of IEEE.