Event Recording

Panel | Digital Identity & Web3- Rethinking Business Models

Log in and watch the full video!

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package  
Well, good afternoon. I'm Jackie showback co-founder and managing director of 14, 14 ventures, an early stage digital identity venture capital firm. I'm very excited to be the moderator today for our panel on digital identity and web three rethinking business models. Of course, I wish I could be in Berlin with all of you. I'm I'm zooming in here from Boston, Massachusetts. Before I introduce our panelists and begin with our questions, I'd like to kick us off with a little bit of context setting, having trouble with my page, advancing fun. Let's see. I'm gonna try, I'm gonna try again, see if I can get this to work. I'm not sure why it's not advancing. Let's see, Mike, do you think you can bring up the page by chance?
Sure. Yeah. Why don't we do introductions then maybe?
Yeah, let's go ahead to introductions while Mike's getting the page up. I apologize about that. It was working before. So first I'd like to introduce John Phillips. John was one of the invited global speakers for the 2021 book. Self-sovereign identity, a career technologist who started in the space sector. John co-founded Zu in 2021 to focus on digital trust. He's worked on engagements for governments, not for profits and commercial organizations across topics, such as digital identity, guardianship consent and verifiable credentials. John, do you wanna just quickly say hello?
Hi. Thank you very much, Jackie. I'd like you I'm, I'm disappointed not to be in Berlin. I'm reaching out to you from rather dark and evening Melbourne, but lovely to be here again.
Okay. And then we have Harry Bayens. Harry is the founder of power and mobility limited and CTO of blocks move. He established and headed the Daimler mobility blockchain factory until may of 2021. It is there that he combined his experience in mobility, automotive, finance, and blockchain to design and build the Daimler mobility blockchain platform through a spinoff. This software has now become blocks. move.com. Harry's been actively involving himself in blockchain since 2013 before heading up blockchain at Daimler, he was head of mobility and digital finance for Mercedes-Benz auto finance, China. He's also the last CTO of car to go in China. Harry, do you wanna quickly say hello? Yeah.
Hello, thank you for the comprehensive introduction.
Okay, great. Great. And then we have Mike angle. Thank you, Mike, for hopefully fixing my technical difficulties here. Mike is a proven information technology, executive company, builder and entrepreneur. He's an expert in information security, business development and product design and development. His career includes the head of information security at Lehman brothers co-founder of Bastille networks and co-founder of one cosmos. And I have to just throw this in. Mike is also a partner with me at 14, 14 ventures. Mike, just a quick hello as well.
Yeah, thanks. Yeah. I would love to have been there as well, but you're from sunny, New Jersey. So looking forward to our discussion today.
Okay. And then we have Encore Patel, Encore leads, growth for identity security at Microsoft championing the cause that everyone has the right to own their identity. His team delivers this new form of verifiable credentials that more securely and privately stores, all personal data, making the world safer for all. He previously led the effort for connecting LinkedIn, the world's leading professional graph and Microsoft office Encore. I hope you're on stage there somewhere.
I am just off stage, but yes, good to see everyone. And especially all these cases
In person. Okay, great. So we're going just a little bit out of order here. I apologize. So let's see here. So Mike, you were able to pull the screen up. Fabulous. So, so just to kick us off before we go back to the panel, I just wanted to set a little bit of context around our discussion today, which is really questions that we'll be exploring around web two web three and business models and how to sort of bridge both worlds. I'm sure you've all seen comparisons. Like what we're looking at here before comparing web two to web three and how this evolution is changing the game for business models. I won't go through all these details, but with a decentralized approach users controlling access, the rise of tokenization and the creator economy. Mike, can we go to the next page please?
Sure thing.
Thank you. It sets the stage for reimagined business models with a completely disrupted value chain. There are lots of positives for sure. Greater efficiency, transparency, streamlining of middlemen in some cases, the elimination of them. And of course there are challenges too more responsibility for the individual privacy fraud and security considerations. These implications certainly pose a number of questions for us. Will the individual want more responsibility? How will compliance and security evolve and how will data flow in this decentralized ecosystem? So before, so I've already introduced everyone. Mike, why don't we go ahead and turn off the, the pages and we can get right on into some questions here. Perfect. Perfect. Thank you. And so I drew straws before today's panel began and I have to say, John, you're the lucky, you're the lucky person we're gonna start off with you. So John taking control of personal data and monetizing, it is a key tenant of web three. John, how feasible do you really think this is? And do you think generally people will do this or will it be reserved for a small group of like early adopters?
Thank you, Jackie. That's a great question. I think a number of things to sort of unpack in that, and then we'll obviously have the broader discussion this, but the, for me, let's, let's start from a, a simple point data about us is probably a better phrase to use than my data. There's a sort of construct that says, you know, this is my data, it's mine. And if you've created it, if you've, if you've kind of been the originator of this information, then maybe yes, you could claim some sort of ownership. If it's data about you, then it is data about you. And, and really what we're thinking about then is the, the principle of, of rights of use and access and privacy type issues rather than ownership. So the fact that I walk down the street on a certain day is probably captured by surveillance cameras and many other sensors.
Now, my ability to claim the right to own that is probably a little bit tenuous, but the rights in terms of the use of that data, yes, that's something that might be under protection of laws and so on. And I think the other aspect of this is this idea of monetizing data and the, the understandable frustration that many of us have felt when we read the, you know, the, the books such as zubo surveillance, capitalism and others, that sort of evidence, the, the massive machines that are sort of capturing information, aggregating it, repurposing it, identifying trends and patterns, and then basically selling ads to us in most cases, sometimes also determining content that they think we should see or not see. And so on, which is a little bit more nefarious. In my point of view, the issue for me is that our worth the data about us, of that sort that's used is actually disappointingly small.
If I were to sell the data about me in that sense, my behavior on web browsers and other things, I'd probably only get a few dollars a year or something would be very disappointing and I feel very small about it, but it, there are aspects of data about me that are much more valuable and much more pointy. And they could be things like if I'm looking for a new house mortgage or I'm doing something of some significant financial sort of movement or something, then, then there's an opportunity to maybe do a sort of arbitrage, an auction process for information about me. And I could control that. So yes, to control. Absolutely. I think that's important and be very careful about the monetizing thing. It might be disappointingly small, and you have to treat it very carefully. And that there's one last quote. I know that we were, we were shared once that when the Europe was considering the whole data privacy and acts and so on, there was a discussion around data ownership and rights and also monetization. And one of the principal people in the, in the group offered the opinion that if you were to monetize data in the wrong way, it would be like opening up a black market for kidneys because people who were at least able to afford or least able to protect themselves, but start selling data about themselves and be made more vulnerable by the process. So it's, it's not necessarily as easy or as good as we might like it to be, to monetize our data in a, in a simplistic way.
Okay. Well, that's thank you for what a great analogy with the black market for kidneys, Harry. I wanted to get your perspective on this and whether, whether you think the same way that John does, or if you have a different point of view.
Well, I'll definitely agree that this monetization scheme would be very disappointing if you start thinking about it yourself, because there is, I believe in my personal opinion, there's a very strong misconception, strangely enough, especially among enterprises who have now wholeheartedly embraced data monetization. And they're looking for ways to sell data, the original data monetization, they came from the big aggregators. They had huge data, Google, Facebook, Airbnb, you name them and what they did in monetizing. Yes, they monetized it in the sense that their companies got vastly more valuable and possibly they managed to achieve incredible amounts of advertisement revenue, but that was never achieved by selling the data points that was achieved by having access to the data, running your AI, running your anybody, still remember the word, big data, running your big data algorithms on it, learning from it and tr trend analysis. And then based on that, cut better products, identify opportunities faster than the rest of us achieve more data in the process.
And then it becomes a kind of VIR cycle. So in my personal opinion, data is not monetized in the trading part because at least looking at it from Europe and this trend is going all over the world. This is such a taboo topic. If you start building a company and you want customers and you even dare mention the word, or by the way, my business is selling the data, you will have no customers left and you will have a shit storm of epic proportions coming your way. Because right now the world is such, I mean, look at GDPR, but also look at the general mindset in Europe, which wholeheartedly embraces it. People are concerned about privacy. So any company that goes out there and says, I make my business to sell data, I don't understand how this is supposed to work. Frankly said, having said that there is now, how do you extract this value?
You extract the value by having access to it, extracting patterns, valuable data structures, or patterns, which you can then use for better products. And here you have a decentralized future coming up, which is best described in. You think of you have 20 companies. Each one of them is a small fleet company in themselves, whatever data they generate is completely useless. So if I have the Kotz back bus company, then whatever data I have, this is completely valueless is simply not big enough. But if I now have 20 of these and they cover, then together, we would actually be able to extract meaningful data out of it. And we would then use that to be more efficient in our orchestration deployment, predictive, maintenance, whatever. So how do we achieve that? Now that's a problem for data monetization. And here you have cryptographic schema schemes that are coming out now, which are essentially based on, I look in your data.
I send a AI agent that goes inside of your data. At some point in time, that software has access to all of the data, but it's programmed as a smart contract in an auditable way that it will extract the lessons and the patterns and the structures from the data. But it will not remember the customer data because that's of course is a no-no. And there's very impressive trends, chief among them, the ocean protocol, but there's others out there that are focusing on that. This I see coming, and this is a B2B part, and this is not strictly selling data, but it is combining data to go from my data. As a single point is single bits of dollars. It's worthless data only becomes valuable after critical mass threshold combining them, but not disclosing the actual content. So that is the take I have on that.
Great. Th thanks. That's a really interesting twist anchor. Is there anything you'd wanna add, maybe commenting on Harry's cryptographic pattern recognition and, and the suppression of the actual data itself? Any, any comments
I think in, in way in the future, we could have these strong cryptographic means because having them be part of open standards, interoperable ways of doing these things, where far from it, Microsoft invested in you proof for those who were around 15, 20 years ago, Victoria's nodding his head. So the technology has existed for a very long time, but making it usable by normal application developers and users. And we all like to use the example of don't share the birthday, share the age. That's a very simplistic example to share, but implementing it and having protocols and formats that support it is not easy. And we can have all the way up to confidential compute that is done in hardware and having consortiums built on top of it. As we are doing with kayak, anybody from kayaks in here, these are all difficult things to go build and scale.
However, we have more mundane problems today on having attribute verification take place in absence of having things like European union, digital identity initiative. There are third party proxies who given these attestations, whether it's a selfie check or a document verification, and it goes for a dollar 50 for per transaction in a decentralized world idea would be instead of having that verified by each relying party. So you're gonna work with Uber and then the Lex taxi person or whoever. What if I had that at tested once and be able to use it again, this creates a disruption for business models who rely on getting paid per issue once when you're moving that value to per verification, clearly that would be better for everyone involved, including the issuer. But then the question is how do you protect my privacy, going to some of the ideas that you were just describing and that the community has come up with recommendations around how that could happen such as checking a revocation endpoint, which is unauthenticated.
These are things we can do without advanced cryptography, without specialized hardware. So I think we are at a closer point to your original thesis on how likely is this world to happen right or wrong. The world follows money at the end of it, there has to be economic incentives for such ideas to be born and realized. And I believe that we are there cuz there's market demand for such things, whether it's because the users want control or companies wanna spend less on having liability to carry such data inside their boundary, but ultimately it results in reduced friction and greater verifiability. So I'm thrilled to spend more time on this panel, talking about how we could make this more real rather than a, a pipe dream someday.
Great. Great. Thank you. We're gonna switch gears a little bit. Now, Mike, you spent many years in a bulge bracket, financial services firm before becoming a digital identity entrepreneur. Can you look into your crystal ball and tell us what you think could be some of the new web business models, web three business models in KYC, know your customer and the banking space.
Yeah, yeah, absolutely. You know, if you just take a quick Gander down memory lane and how we got to where we are today, right? I don't know how many of you are old enough to have used CompuServe AOL prodigy over a dial-up modem. Or I remember the day I hit enter up my first email in Pennsylvania and it showed up at a friend's place of work in Virginia, like in a second. Right. And there was a time where we were given access to the internet by our employers. Then you could go buy it right first $6 a month at CompuServe and start to get plugged in. And then what happened to anchor's point about monetization? The, the, the tech giants emerged and became these things that now do it for, for free, but really at our expense and this trend now of, of everybody's now kind of aware of it, right?
You're seeing more and more data and privacy scandals and things seem anonymous when they anonymized data, but it's really not. Right. Look at Ilia Stein and Holly hunter that got caught with 3 billion in stolen Bitcoin because they thought it was anonymous, but oops, I left my private keys in the cloud, right. So it's moving in a direction away from now from this web two to web three, like you pointed out. And I really thought that COVID would be an accelerator. Right? Right. We're all now digital. We had to sit home and do things digitally for the last for two years. And what you saw were all these COVID wallets pop up globally, right? There was the Rockefeller pro the commons project and these others, but they all disappeared and there was no interoperability between them. So anchor, you mentioned a couple things about developers and usability.
It's just not there yet, but you can now kind of see over the hill. So today the only way to do a crypto transaction is it has to be a private key involved or, you know, defi or decentralize anything as private keys. And so some of these web two companies are kind of stepping up and saying, Hey, we'll take care of the private keys for you, right? Coinbase, that's their entire business model they made. Don't worry about your private keys. Just go by and sell crypto. The good news is it's still there under the hood. So eventually you could get your private key, take it out. We just need a way to use it. Imagine, you know, any one of our parents on this call trying to manage a 12 word pneumonic phrase in a private key, right? It's just, I can't even get them to remember their apple password today.
So we have this big gap of, of, of where we need to be. And what's going to enable it is amazing developer experiences that make it so easy for the developer and so easy for the user that it's indistinguishable from magic. Right. And we see it in closed ecosystems. My apple pay. Now, if I'm, if I have the choice, I tap this to the reader instead of pulling the credit card outta my wallet, it's just closed. And so when that starts to open up, I think we're gonna see it's gonna happen really fast once, you know, cuz things now happen in nanoseconds compared to what they did back in the comper days. So we could wake up a year from now and be like, everybody has a wallet and they didn't even know it. And hopefully there's some openness to it and the standards emerge.
Great. Well, thanks Mike. So John, this whole wallet concept and what, what do you think what's in your crystal ball on the whole topic of the KYC evolution and trusted ID?
A few things. I, I wanna go back onto what Mike said and also expand on this. The, the, the apple pay phenomenon is, is, is a great one to use as analogy of kind of the way things are trending. But I also, I think it combines with what we're just hearing from anchor and Harry around the European phenomena. So the economist carried an article, just, I think this week on that 5% of consumer payments globally go through apple pay. And that size of number is significant and has raised the interest of regulators and banks and others because there is a price to pay for going through apple, pay that price. We don't see, but the price we see eventually, cuz the goods we pay for are cost more because there are fees being paid to apple. So there are now antitrust and, and monopolization kind of questions being raised about the success of it.
So, so I think what's, that's sort of both indicative of the success of that approach of simplifying it embodying all the magic inside. So it, it looks fabulous and it works really well from a consumer experience, but also behind the scenes of that is a little bit of a risk about the concentration of power and concentration of information and data and transactions. The KYC phenomena know your customer, anti-money laundering counter-terrorist and financing customer due this whole banking phenomena in, in an Australian context and some similar in some other countries too. There's an, there's a couple of issues with this. One is current and present, which is that liability law means that a bank in Australia can't just outsource. If you like the process of doing the KYC checks, they are still liable. Irrespective of having employed another company, they, they, they can't offload their responsibilities.
So it disincentivizes them to actually take advantage of a, of a so outsource provider. We all know that the reasons the KYC is attractive as a business model is that if you could solve the owner, slow, boring, bureaucratic, and costly process of, of onboarding to a bank, then in theory, good things will happen. There's about $150 of savings for the bank alone in Australia, in terms of not having to do a KYC check, if as a customer, you could reuse the KYC check than you might choose to go to more banks more often. I, I think I often use phenomena is that we stay with the bank. We first choose. And it's more common that we stay with longer than marriage. You know, it's like a, you know, you get divorced more often than you change your bank. So that's true. I think it's, I think it's sort of a, a good thing if you could, could fix it, but here's the rub.
I here's the rub in Shakespeare I say is that if we fix this with decentralized identity systems and decentralized verification systems, we would rely on the original documentation. So that the reason that KYC phenomena is a usable vice products concept is it's hard to verify existing documents. It takes time, it's costly, it's onerous. It's difficult. So after doing that, you MI a new credential. You maintain, I K Y C G here's my proof and I'm trustworthy. A bank can trust me. It's all good. Makes sense. But if those original documents were verifiable credentials themselves, then that process is not, not adding any value whatsoever. In fact, it's potentially adding risk because if you could rely on the original documents in nanoseconds of checks, then why would you have a third party doing it for you? So that that's where I think the, the disintermediation is, is an opportunity. So the, the answer is KYC checks and others need to add more value than authentication. So if you can add more value than authentication you're in and there are additional values to add,
Oh, well, that was great. Great explanation, Harry. I, I wanna go to you now talk about healthcare access with self-sovereign identity. That's another interesting tenant for web three. What are your thoughts and what do you see in your crystal ball for the future in that?
Well healthcare, even though I'm not an expert, I'll take it in my head. I'll paraphrase it as extreme, extreme, extreme caution with dealing with the data. So I'll just take that as the definition of healthcare, because I have no direct exposure to the sector, otherwise being a fairly healthy person. Thank God. So the, and I would like to bring that answer through the core topic of the panel. So we are talking about decentralized identifiers and the experts are here, but we should also be talking about web three and what's web three, add to this. And we heard about the model from Coinbase and which is essentially a custodian model. And if there is one thing that holds true, first of all, in web three, but also in the self-sovereign ID kind of pseudonym for decentralized identities, not your keys, not your coins, not your keys, not your data. So as long as you go to custodian, you lost. If you think that through, I mean, there's 150 ways we can argue about this, but if you do not hold the keys, you are not in control. You're essentially back to account data. So whoever you have given the custody to I'm hoping basically I'm
Hoping one of our in person panelists, oh,
They're looks like they're fixing it. Something's
Happening. Oh, go
Okay. Then I'll continue. So you need for several reasons. First of all, you can just be disowned simply if you do not own the keys, that's number one, that's a, some on the more libertarian or crypto anarchistic side of things would object to this possibility. They would say, if that's my coin, that's my coin. And I'm not going to put that into question. That's one way of looking at it. But also, and that's actually from business side, much more relevant is, and that I'll get now to the healthcare part. If you leave to a custodian, you essentially have an account with that custodian, but you cannot take that anywhere else. And we launched a token. Alright. And part of this token is that you get to vest your presale. You have a vesting period. So you get to claim your tokens. And the mechanism you use is you whitelist a wallet by which you common claim.
And now I'm telling you a story and that's a real story. So that's happening right now. And the guy is still a hundred hundred K short, the person who was not a very deep crypto expert, registered his Binance wallet with us. Well, tough luck. He doesn't have access to the private key. So now he's got a hundred K worth of tokens sitting in a smart contract, waiting for him to grab it, but he cannot grab it because Binance is simply not giving him the private key. And that shows you that the moment you're dealing with custodian wallets in one form or the other, you are stuck to put your custody. But what you want also in the healthcare business, you don't want your kidney data or whatever your problem is to belong to this doctor or that HBO or this hospital. It's obviously yours. And as I go from hospital to hospital, healthcare, to healthcare country, to country, that data bloody travels with me and nobody at all, I don't need to ask people, people ask me about that data and whether they can use it.
Yes or no. And it's my fingerprint or my eye retina scan that says yes or no through what ultimately is a signature by my private key. So the important part is if you deal with very sensitive data and you need to embrace the core tenant of web three, you own the private key. Now there will be from the experience of things people will now say, yeah, but look at the usability of this. That is so 80 at this point, correct? The usability is below it's below crap. It's really sucks, but I'm not worrying about that. Remember how fast the web two got the usability story fixed. As soon as there money in it, we are gonna sit here in three years and this whole private key story is going to have been solved because a lot of young minds that know user experience and that know how to deal with it are now being incentivized to fix that problem because without fixing that problem, it will not scale. And for healthcare and other financial business focus on making it truly decentralized, focus on keeping itself sovereign and as a user, never give away your sovereignty, not with health data where I think we all agree, but I would also encourage you to find legally applicable ways to not give away control over your money to custodians, unless totally necessary. Think about it. The most valuable piece of data that exists in the world is your private key because the private key unlocks potentially hundreds of thousands of dollars.
Okay. Thank, thank you, Harry. And that was a great point about privacy access and ownership and just the, the critical criticality of the private key. John, can you maybe just share a quick perspective on any use cases in Australia that might point to where things are going?
I, I think so. I, I I've been here luckily in this, we like to call ourselves the lucky country for some years now and it's, it is a great place to be, but it has been slower to uptake. Some of the technologies we're talking about than other countries have been until recently. So I, I guess I'm, I'm now sort of almost glowing in the recent sort of initiatives that have been showing. So I'll pick two or three of them. One is the national approach to genomics information management Naum, as it's called, there's a initiative amongst a number of genomic researchers. And they're looking at very innovative ways of managing two key issues with that data, that data requires very large data sets the data of your DNA data. Genomic data is large in its own, right? But if you need a large amount of it to actually make any use of it in the sense of the statistically relevant sort of research program, so you need very large collections, you need to manage consent.
How do I manage consent? So the model they're approach working with is this idea of as a, as a donor of data, I can say, I like these programs. I don't like that kind of program. I like research into these areas, but not those areas. I don't want these commercial companies. So you can specify exactly how, and there's a, a global standard called duo, which you can use to describe this stuff. Excellent. Same with researcher passports and visa access to your data is controlled through a process that only lets certain people have access. So it's all, that's very encouraging. The other program that's very encouraging is a digital birth certificate program that started off in Australia. So we're looking at nationalized digital birth certificates, which I think will be awesome as a foundational thing. They're very, very interesting because the, you immediately come across technology as short mindedness that they think the first people to use the birth certificate will be the person whose birth certificate is, but you don't really need your own birth certificate until you become an adult.
The birth certificate is used mostly by the parents, not the child. When you start, you know, your child goes to school, gets vaccinated, whatever else. So, so you are the custodian of their birth certificate. And they're only interested in their own birth certificate when they come an adult and it has therefore multi-party interests to a credential. So it's a very interesting phenomena. And the last thing is there was a digital government exchange program with eight go countries working together, and they looked at digital identity interoperability. So programs freely available. You can look at the report published a couple of months ago, chaired by Australia. And in that report is a very positive sort of outlook on SSI as a new technology emerging. And that was to my experience the first time I'd seen multi multi-country governments talking about this technology in a way that was very positive. So that was for me encouraging.
Okay, great. Well, thanks. We're gonna switch gears a little bit now. And Mike data marketplaces and exchanges are one area where some people believe that there's a real opportunity for middlemen or data brokers to get squeezed. How do you think data exchanges will evolve? And do you have any thoughts on how AI might shape this?
Yeah, so, you know, by data exchanges, we're talking, I guess some of these decentralized finance things that are opening up, right, because the traditional exchanges or rails and all that of obviously the incumbents are, or are the ones that are supposedly getting scared by the, by the defi, the, the, the challenge we've mentioned private keys a bunch of times. And I, I don't wanna belabor that point, but in order for this stuff to, to, to get traction, we need that place to keep it. And so what you're seeing is decentralization happening, but with custodians, like open C, right open C takes care of, of allowing people to, to make it really simple, to, to have to form a transaction. And I worry that, and even on Instagram now, Facebook announced, cause I think it was yesterday day before they're gonna allow the minting of NFTs, right.
For free right free on Facebook. Here we are again. So I, I see so many exchanges out there. You see 'em advertising on the super bowl and I scanned the QR code and tried it out myself, but I'm not seeing the value for the, you know, millions or billions of people quite yet. Again, it has promised the crystal ball's super fuzzy on this one. The incumbents have a really good chance at being relative on both digital identity and better ways to transact. So you saw the banks here in the us form Zelle because they were tired of, of having others control the transfer of money. You've seen the banks start to talk about identity now, too with authentically. So a couple of 'em came together and said, let's share this rich identity data we have with third parties. Cause we already have it. And we're trusted once that, you know, gets more common.
And, and it's really embarrassing as a country that I have to scan a driver's license to prove who I am to a digital service. You know, I know, I know we can all be Estonia with a digital credential. That's been around for 20 years, but it's like, we're not even trying over here. You know, the, the people that issue, the even just go to the, the government resources here in the us, that we can't get these basics outta the way of proving who we are remotely. And until that's super easy and trusted, these exchanges are still gonna need custodians to make it easy for people. So I think it's a ways out until the private key. And, and we haven't talked about this on this panel here today. I know we're running lot in time, but isn't one way to have your private key be established or retrieved with your biometrics, right?
It's the only thing you have that is you. And of course, if you have a central database of people's biometrics that opens up other doors and challenges, and that scares the hell outta people when your face pops up on something. But if we do that and do it right, you know, just like we walk into the airport and we use clear, or the TSA scans your face and you walk through without having to take anything outta your pocket. Imagine if it were that easy to do a decentralized transaction, that's the type of usability we need for this to, to kind of get off the ground in a way that's trusted and where your face isn't used against you in a court of law.
That's great. I know we're very short on time. So I'm just gonna ask anchor to quickly comment on data exchanges and just his point of view there before we, we do a, a quick wrap up.
I think this world might not be as far as we think I'll, I'll repeat that. Cuz I think the difference is every time we do those kinds of interactions, doing them in an open standards based way. So having that result of that proofing be a verifiable credential that can then be reused by somebody else. So banks are doing K YCS, but if the resulting process of it was a digital attestation that says these attributes were verified for me, good enough for yourself, but it could pay it forward for others as well, who have to follow the same conformance. And then it's a matter of do I have to upload the same things all over again because you're gonna ask me to do the same thing with the three parties that we're doing it. These are for places where we don't have digital attestations directly available from authorities, sources like a government, even with Estonia or otherwise, right?
And so there needs to be a consistent model for it. It can be achieved. You could choose to do biometric binding on it so long. It happens on the user's control rather than in a centralized service. Recovery is also possible in that same way, rather than worrying about the loss or pneumonics. We have authoritative sources when we go to the national health services in the UK doctors have a staff passport as a verifiable credential where their information was verified by general medical council, as well as the UK post office to say you are the real person, you are a doctor go forth and practice any hospital you like in NHS network. So there are examples of this starting to happen for our part. We are making it easy and fast to do these things for our enterprise customers, cuz much of the world runs on these services like Microsoft and others.
And it's based on open start as an open source. So for our part, we are recommending to our customers, this should be your default for cross domain collaboration. Instead of building proprietary things in a closed bubble, do it in a standard way and pay it forward. That's how we can connect the network and build a trust fabric rather than continue to live in our own bubbles. And then it's really hard. But if you do that, then it enables all kinds of new business models on top of it. So I'll stop there and rest we could cover in Q and a maybe.
Okay, well we're, we've got about two minutes left, so I'm gonna quickly ask the panelists, John, I'm gonna start with you. And it's the same question for everyone, which is just any closing thoughts on web three, any big gaps, sort of what you wanna leave the audience with
John Long term key management by which I mean in 50 years time, I want to be able to access the digital credentials I was issued with now. So the public key of value issuing authority still needs to be available and trustworthy. How am I gonna get the same length of time as I get from paper?
Okay, perfect. So the 50 year public key Mike,
No, it's absolutely the, the, it comes down to keys and wallets and being able to make that indistinguishable from magic.
Perfect Harry,
I believe I'm fairly a little bit more optimistic than uncle here and I believe we have, if we manage to combine the centralized nature of identities, which lies in the fact that my national ID document is given to me by the government, it's not mine with the fact that the credentials can then be signed by delegated and authorized parties. Then the ability to take these credentials with you is here and now we are doing it in blocks move. So this is technology that is ready. So I believe we are pretty much in five years. We're gonna look back at this question and say, it's been done. What's new.
Okay. Wow. And on core please, if you can wrap it up for us.
Yeah. I think on the optimistic note, I think maybe solving it for the world will take longer, but if we can start on one scenario at a time and do it in interoperable standard space way, then connecting it up is within reach for us. Doesn't have to take years and decades.
Okay, great. Well, I think we're out of time because it's, it's, we're at the top of the hour. So I wanna thank everyone for joining us today. Great discussion. And we look forward to, well, I guess we look forward to maybe next year and seeing how much progress we'll make over the next 12 months back when we're back at the EIC next year,

Stay Connected

KuppingerCole on social media

Related Videos

Webinar Recording

Unify Identity and Security to Block Identity-Based Cyber Attacks

Join security and identity experts from KuppingerCole Analysts and ARCON as they discuss the importance of securing enterprise credentials, explain why a unified identity security approach in line with Zero Trust principles improve security and efficiency, and describe how to combine…

Analyst Chat

Analyst Chat #152: How to Measure a Market

Research Analyst Marina Iantorno works on determining market sizing data as a service for vendors, service providers, but especially for investors. She joins Matthias to explain key terms and metrics and how this information can be leveraged for a variety of decision-making processes.

Event Recording

Cyber Hygiene Is the Backbone of an IAM Strategy

When speaking about cybersecurity, Hollywood has made us think of hooded figures in a dark alley and real-time cyber defense while typing at the speed of light. However, proper cyber security means, above all, good, clean and clear security practices that happen before-hand and all day,…

Event Recording

The Blueprint for a Cyber-Safe Society: How Denmark provided eIDs to citizens and business

Implementing digital solutions enabling only using validated digital identities as the foundation for all other IAM and cybersecurity measures is the prerequisite to establish an agile ecosystem of commerce and corporation governed by security, protection, management of…

Event Recording

Effects of Malware Hunting in Cloud Environments

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00