“Hi, my name is, what? My name is, who?
My name is, chka-chka Slim Shady”
Eminem / Slim Shady
- Bio-metric verification (iris, face scans etc.) is one (likely) direction for the future of security and passwords.
- There are risks around being identifiable by personal traits, and some of these risks may be mitigated by an increased use of pseudonyms.
- Pseudonyms allow accountability but can be tossed if your data gets hacked or profile gets cancelled.
- Pseudonyms are already common on Reddit, Twitter and on eBay – and (loosely interpreted) with Bitcoin. Perhaps they will become more common in the future as a form of protection of identity while allowing for accountability at some level.
Yourself as a form of verification:
It is ludicrous that we still use credit cards, passports and social security numbers as forms of verification. Why not use bio-metric information, such as iris scans or facial recognition? Why are these not more widespread?
Countries like China are going in this direction, as are companies like Clear – previously for expedited airport security clearance, but now more generally to replace your credit card. You don’t bring a credit card, you bring yourself!
While the benefits for convenience are there, bio-metric approaches raise the obvious concern of data security. Once someone has your iris scan, it’s not as though you can change your iris scan as easily as you can change your social security number. Having a data breach like Equifax is bad enough, imagine how much worse it could be to have a data breach of bio-metric data – especially as the data being recorded gets more and more detailled.
Accountability and risks in being yourself
Having people be accountable for their actions is something that I feel strongly about. There are few things more frustrating to me than working with an anonymous “Simon B.” at Amazon, who gives a half answer to my first question, knowing that it will be “Mary P.” who will be on the hook for the next follow-up.
Putting your name on the line in business and in life is something that I see as admirable – and that can be seen in many of the great brands today that are called after their founder or inventor, such as Wolfram Mathematica – after Stephen Wolfram.
Conversely, when you do put your name on the line, there is the risk that your character can be torn down. This disincentivises bad behavior, but assumes that the mob is always wise in deciding who to tear down. We know that truth is not always the victor on the battleground of social media, so putting your name out is not always wise – particularly if wading into politicized battlegrounds.
Pseudonyms as an alternative
What then, might be a solution that allows for accountability while also providing some protection against hacking of personal information and against bad actors/mobs?
The answer might lie in pseudonyms, where you hold a secondary name for public activities. That secondary name or identity can develop a brand and reputation of its own, and even an income of its own, but – if it is torn down or hacked – damage can be limited to that secondary level by starting a new pseudonym. Painful but not life ending.
Pseudonyms are already widely used on Twitter and have huge followings without their underlying account owners necessarily being known:
@mathtick @rudyhavenstein and @wrathofgnon are some examples of pseudonymous tweetersTweet
However, the vision for pseudonyms can be much wider, with these pseudonymous characters earning income and taking on much fuller personalities than before. Credit to Balaji Srinivasan for this thinking and here is a great video exploring the concept:
Pseudonyms – back to the future
I suppose – to some degree – the reason we still have credit cards is because they are somewhat pseudonymous. The number of each card is a secondary identity you can have, and you can cancel and throw it away if there is fraud. That part works well – it’s just that hauling around a physical card is annoying.
Centralised or decentralised?
A credit card – while it is a pseudonym of sorts – is a centralised pseudonym because the card issuer defines the card numbers and . A decentralised pseudonyn could be a bitcoin wallet or password, where you generate these numbers yourself (with the wallet address publicly visible and the password/key private to you alone). So, pseudonyms can be centralised or decentralised in how they are used.
The question of centralised or decentralized is important because it affects how the information could be used for law enforcement and also how vulnerable the information is to hacking. In a centralised system, all of the information can be used to identify bad actors. With a centralised system, there is also the benefit of having a lot of information – so this information can be used to better understand the system – call it “artificial intelligence” or “machine learning”.
On the other hand, a centralised system is more vulnerable to hacking, i.e. you just need to break into one point to get all information (very roughly speaking). Plus, if law enforcement is a bad actor, that presents a risk too. So decentralised systems can be better for privacy and protect against abuse of power.
Bio metrics are communist while pseudonyms are libertarian?
To get this paragraph title, I’ve hacked up Peter Thiel’s view that “artificial intelligence (centralised deep information) is communist while crypto (decentralised, pseudonymous) is libertarian”. (Parentheses are my own)
An increased use of biometrics means putting personal (permanent) information in the hands of large organizations (governments or tech companies) with centralised control. Pseudonyms can be centralised, but they can also be decentralised and they can be self generated – so they can be more libertarian.
My view is that the increased sharing of personal information is inevitable and may have some benefits, but we should be looking at alternatives – where possible – that allow for accountability but provide better protection from data breaches, bad actors and cancelling.
If you like this article, you might also like my monthly newsletter: