In-Depth
Fighting for a Secure Digital Identity for All
Blockchain is poised to play dual roles that are much more significant than its cryptocurrency beginnings: disrupting conventional commerce, funds exchanges and payments, and establishing sovereign identity credentials at birth -- saving lives and undermining ID theft.
A global humanitarian effort to ensure every individual receives verifiable digital identification at birth has escalated into a rallying cry among providers of human rights services, diplomats, business interests and technology suppliers of all sizes. It's estimated that 1.5 billion people throughout the world have no traceable identity, subjecting millions to exploitation ranging from abduction and human trafficking to an inability to assert rights and access basic services. It's a crisis the United Nations is aiming to remedy by the year 2030 as spelled out in its Sustainable Development Goals (STG) agenda released last fall. It'll be a mammoth undertaking to establish consensus on distributing and recognizing digital credentials technically, politically and procedurally. A rapidly accelerating technology loosely called blockchain has emerged as a primary contender to play a key role in solving that problem by providing a self-sovereign, user-managed identity. Blockchain, which is the underlying technology for the cryptocurrency Bitcoin, is said to offer the potential of eliminating identity theft and other forms of fraud based on stolen credentials. A mix of experts in blockchain and related cryptographic technology gathered with representatives of technical standards bodies, human rights providers and diplomats at the U.N.-supported ID2020 Summit in late May. Microsoft and PwC, the global accounting and auditing firm, were the principal sponsors of the ID2020 Summit, which put the plight of those without identities and the opportunity for blockchain under a common spotlight.
Potential to Transform Business Models
There's a growing undercurrent of projects at the world's largest banks, financial services companies, trading exchanges and insurance companies, among other organizations already piloting processes that use the constructs of blockchain in a way that could upend many established business models. Proponents of blockchain say it replaces the concept of conventional centralized database repositories and third parties such as clearinghouses that execute and process transactions with a distributed general ledger that makes all credentials and transactions irrefutable. Consequently, the transaction processing and clearing process using blockchain can disintermediate various established "middlemen" across various industries ranging from financial services, health care, retail and advertising. The largest IT consultancies and global auditing accounting firms are now rolling out practices and methodologies that use blockchain to virtually reinvent business models and supply chains. Blockchain champions believe it will someday displace how trillions of dollars in commerce are transacted.
"In its broadest sense, it strips out business processes," says Patrick Spens, transformation and assurance director for blockchain at the global accounting and auditing firm PwC, which earlier this year started assembling a team of experts to build out a practice that helps organizations assess and build out processes using the technology. "It increases the margins, and increases the security around any business process. Not all business processes will require it. But if you are a CTO of a company, and you're doing a three- to five-year technology spend plan, you need to consider it."
"It increases the margins and increases the security around any business process."
Patrick Spens, Transformation and Assurance Director for Blockchain, PwC
The Sovereign Identity
Identity and access management is poised to play a key role in blockchain transactions. Experts say if everyone at birth is someday given a sovereign identity that would include capturing biometric characteristics such as a footprint, everyone would have an indelible initial form of authentication. The sovereign identity is different than traditional identification in that it's not based on a centralized directory, nor are they controlled by the equivalent of an administrator. Using the blockchain distributed general ledger concept, it would give a credential owner control over his or her information and how it's used and shared in transactions. It can also incorporate attributes such as reputation. The idea is it could never be hacked or used by anyone but the holder of the identity. It would make identity theft virtually impossible, advocates say.
And that's why blockchain is poised to evolve as a key new model in the management and exchange of information and funds, potentially reshaping ecommerce all in a vastly more secure manner than possible in today's digital world. Like many emerging and potential shifts in technology, there's no shortage of hype and speculation around what the future holds for blockchain much like what bitcoin itself has gone through with the outcome that bitcoin still has an uncertain place in the future of commerce.
Every major IT provider and a mushrooming community of startups are at least exploring, if not making major bets on, blockchain. Enterprise IT professionals should at the very least have it on their radar, says ID2020 Summit attendee Phillip Windley, an analyst at TechVision Research, who also serves as an enterprise architect and adjunct professor of computer science at Brigham Young University.
"Blockchain technology is a catchall for everything," Windley says. "Understanding that, the technology can provide a more secure form of verification and authentication." Windley says a universal identity system that's not under any single entity's control, such as the Internet's DNS, is within reach. "That will have a significant impact on enterprise identity, especially for companies who currently create identities for their customers," he says.
When he says "universal" he's doesn't necessarily mean exclusive. "Different distributed ledger technologies have different properties. Because of that, I think people will have identities on several ledgers to take advantage of the properties that are best applied in a given situation. I don't see this as a competition between permissioned and permissionless. I think they are both valuable and useful." For more of Windley's thoughts, see his May blog post.
Microsoft Goes All in with Blockchain
IBM Corp. and Microsoft are among the early major players at the center of some of the largest pilots. Microsoft took a decidedly robust and public interest in blockchain last fall when it mobilized a strategy to create strategic partnerships and brought some key pieces to market including its Azure Blockchain as a Service (BaaS). In late March, Microsoft said the Ethereum contract programming language Solidity will be available as an extension to Visual Studio, Redmond's flagship integrated development environment (IDE). Ethereum is an open source project that allows applications to run precisely as programmed with no way for third parties to interfere or create fraudulent transactions, according the Ethereum Foundation. The applications run on a custom-built blockchain, which in Microsoft's case is the service built on Azure with its partner ConsenSys to offer Ethereum Blockchain as a Service (EBaaS). "What you are seeing is Microsoft tactically reducing the barriers to entry to build these types of applications," says Andrew Keys, director of business development at ConsenSys.
While Microsoft's interest in blockchain is no secret, its efforts are still largely under the radar, in part because it's very much at its formative stages. "We think this will have a profound impact overall and one of the values Microsoft can bring is to allow people to build whatever blockchain scenario they want on top of our infrastructure," Microsoft Chief Strategist, Enterprise and Cloud Division James Staten tells Redmond. Over the past year, Microsoft has assembled a team of strategists and technologists to fast-track the company's blockchain efforts. In addition to Azure EBaaS and the Visual Studio Solidity extension, Microsoft has partnered with some influential purveyors of blockchain, most notably BlockApps Inc., ConsenSys and Ripple Labs Inc.
"One of the values Microsoft can bring is to allow people to build whatever blockchain scenario they want on top of our infrastructure."
James Staten, Chief Strategist, Enterprise and Cloud Division, Microsoft
Microsoft also joined a prominent effort by R3 REV, which is now piloting a payment network with 40-plus banks, including Barclays, Credit Suisse and J.P. Morgan Chase & Co., that can process transactions without traditional third-party clearing houses, while providing more secure and binding funds transfers. Microsoft and its partners have also kicked off proof-of-concept (POC) pilots with life insurer John Hancock to detect money-laundering activities and with upstart online-only bank Fidor using Azure BaaS to run its online retail platform.
Just as bitcoin is a technology for payments based on blockchain and Ethereum for programming and executing contracts, there are various others such as Dash, DAO and Ripple. Azure BaaS runs a Ripple validating node for banks that use it and Microsoft said it's exploring how the Ripple Interledger Protocol might be suited for the Azure enterprise and developer community for processes that use Azure EBaaS. "You're going to see the evolution of a whole new world of computing where the Ethereum blockchain can be used by anybody who wants to create a peer-to-peer agreement," Keys says.
For example, tired of sharing royalties with intermediaries such as record labels and waiting months to receive payments, Grammy-winning singer Imogen Jennifer Heap uploaded her music to a peer-to-peer blockchain. Now when a fan purchases and downloads her music, royalties are distributed proportionately to her and members of her band directly into their respective accounts within seconds of the transaction, Keys explained. "With all of these newer applications we are going to be building, we are going to disintermediate the middlemen," Keys says. "Literally banks, oil and gas companies, law and accounting firms are all examining and testing the technology. I do believe it will be the next generation of the Internet."
Microsoft has been around long enough to know that new business models and technologies can replace even those established for multiple generations. It has learned that all too well over its storied history, first, when Netscape came out of nowhere in 1994 to threaten its expanding Windows franchise, and later, when new platforms including Linux, iOS, and Android and players such as Amazon Web Services Inc., Apple Inc., Google Inc., Salesforce.com Inc., and VMware Inc. vastly shifted the status quo for Microsoft.
At the same time, CEO Satya Nadella has described identity as one of the core areas that Microsoft has, and wants to retain, leadership.
The Common Cause
To borrow the old chestnut, "never let a good crisis go to waste," there's nothing like creating vast new markets that could generate new wealth via new business models and saving millions of children from horrific lives to bring people together. It should also come as little surprise that Microsoft, like many large global organizations, contributes substantially to social causes. That's especially the case with issues related to sustainability and human rights, given the role founder Bill Gates and his wife Melinda have played on the world stage with regard to their foundation.
When experts in authentication, cryptography, telecommunications and next-generation forms of transaction processing convened at the ID2020 Summit, they were in the U.N. chamber to learn firsthand from ambassadors and those who deliver human rights services from non-government organizations (NGOs) the plight of the 1.5 billion people who don't have any form of valid IDs. In turn, the IT experts and representatives of standards bodies outlined potential solutions.
Millions of people throughout the world who have no identity are subject to inhumane forms of exploitation, including the abduction and kidnapping of babies and young girls, many of whom are forced into lives of slavery and forced prostitution.
"Equipping people with identities would be one way of taking on the traffickers," said Ruchira Gupta, founder and president of Apne Aap Women Worldwide, a registered charitable trust with consultative U.N. status in India chartered with routing out sex trafficking. In her remarks at the ID2020 Summit, Gupta said there are 270 million people around the world trapped as slaves. "Those who don't have IDs are most likely to be trafficked because nobody would know they're gone," she said. "They're disposÂable people. A trafficker can simply put them into another situation and nobody could be able to monitor and track what happens to them."
In India, giving people IDs has proven effective Gupta said. "The basic way for a person to reduce risk, and exit out of a situation of slavery is an ID because with the identity everyone has access to services, entitlements, access to human potential."
Regardless of the economic boon blockchain or some derivative of its basic constructs might present, there was no evident dispute that saving the lives of these women and other refugees around the world wasn't just gravy but a social responsibility that transcends capital gain. In addition to Microsoft's sponsorship of the ID2020 Summit, the company had four key executives who participated in the proceedings, of which much was dedicated to talking up how blockchain could achieve the consortium's goals.
"In terms of blockchain in particular, we think it's great because of its potential to empower people," said John Paul Farmer, Microsoft's director of technology and civic innovation. "This fits so well with Microsoft's own mission statement," which promises "to better serve everyone on the planet by representing everyone on the planet." Farmer joined Microsoft after serving as President Barack Obama's senior advisor for innovation in the White House Office of Science and Technology Policy, where he oversaw the President's innovation agenda. Nadella reportedly has taken a keen interest in the potential of blockchain and promoted blockchain behind the scenes at Microsoft's Build 2016 conference in late March, when the company released the Visual Studio extension. A week later and subsequently at the company's inaugural Envision conference in New Orleans in April, Nadella announced Microsoft's partnership with R3. In his Envision keynote, Nadella said the 40-plus banks running the R3 blockchain POC shows there is potential to "fundamentally transform how transactions happen and how settlements happen inside of financial institutions. And it's not limited, in fact, just to financial tasks. It can reshape the public sector, health care, manufacturing and supply chain."
"In terms of blockchain in particular, we think it's great because of its potential to empower people."
John Paul Farmer, Director of Technology and Civic Innovation, Microsoft
Microsoft last fall tapped Marley Gray, director of technology strategy for Microsoft's financial services vertical, as the company's blockchain business development and strategy lead. In that new role, Gray has overseen new partnerships. Gray gave a press briefing at ID2020 where he shared why Microsoft believes the consortium's effort fits in with both the company's business interests and core company values. "We have a technological perfect storm," Gray said. "We think it's going to be one of the fabrics that is going to be part of this transformation."
Gray also explained Microsoft's focus on wanting to play a key role in helping forge sovereign identities based on blockchain, not just to ensure every individual has one, but to provide much harder security for devices, including sensors, as they become embedded in Internet of Things-type scenarios. "This notion of establishing a secure identity for not just individuals, but everything," he said, "and being able to track and be able to transact, secure identity is one of those key enablers to allow you to flow through these different technology innovations. The challenge is not necessarily the technology, or the organization, it's bringing them all together. And that's only going to be done through these partnerships."
Asked at the event by Redmond how this fits into Microsoft's core identity offerings including Active Directory and Azure AD, Gray said that's still unfolding. "At Microsoft we do have a lot of identity solutions in the enterprise, we also have a huge footprint across the consumer. In the enterprise space we do think blockchain technology is a part of the solution," Gray said. "Will it be the solution? We don't know. We think there's some good ideas there we can use to evolve this [ID2020] partnership, that's the main reason we are here. It's to try to help raise the tide, lift all boats including those in underdeveloped markets, the unbanked and the underserved."
"We have a technological perfect storm. This notion of establishing a secure identity for not just individuals, but everything."
Marley Gray, Blockchain Business Development and Strategy Lead, Microsoft
Microsoft's Staten says he believes blockchain and the company's core identity offerings are complementary, not disruptive. "If you look at how you log in and verify who you are with blockchain, you still use a public-private key model to do that and there's still a need for a verification element of the identity, and that's actually what Active Directory does very well," Staten says.
Nascent Technology, Multiple Alternatives
Despite a flurry of activity, many IT providers are sitting on the sidelines, at least publicly. Efforts to develop standards and multiple open source initiatives are either planned or underway and, like any new technology, not all will prevail. In the meantime, proprietary efforts and POCs are taking place and many alternatives are in the mix. One that debuted last month was Swirlds, a company funded by and collaborating with Ping Identity. Swirlds founder and CEO Leemon Baird argues lag times, mining costs and the ability to enforce fairness when matching buyers and sellers, raise questions about blockchain. The Swirlds alternative hashgraph distributed consensus platform addresses some of those issues. Baird says it costs 4 cents to conduct a bitcoin transaction. "That's fine if you're buying something expensive but if you want to do a micropayment of a millionth of a cent for something like carrying packets on a network, that wouldn't be feasible," he says.
Some believe the term "blockchain" may itself fade into something different over time. "Many are running away from the term blockchain, they are embracing distributed-ledger technology, but the word blockchain has started to become associated with proof of work, and proof of work with miners, and all of that introduces performance constraints," says Timothy Ruff, CEO of Evernym Inc., which is building an open source sovereign identity network based on what it calls a high-speed permissioned network.
Whether Microsoft embraces Evernym's technology remains to be seen.
The way ConsenSys Keys envisions customers using blockchain is by logging into the public Ethereum network and being able to transact in a peer-to-peer fashion. Microsoft customers might access it through Azure, Windows or on a browser, he suggests. "You may click on the Ethereum blockchain but you'll be clicking on this self-sovereign identity portal, and that's how you will be able to participate on this next-generation World Wide Web," he says.
Byron Blunk, director for Software and Automation Strategy for the Office of the CTO at Dell Inc., says it makes sense that Microsoft would be playing a key role in advancing the identity management component of blockchain. Blunk, who joined Dell last September after spending a decade at Microsoft, said he wasn't privy to his former employer's blockchain agenda but said it appears to fit in with the company's history of looking to advance identity management and advance the concept of single sign-on. "Certainly, they're trying to drive some standards because they already have in Azure this concept of a persistent, uniquely identifiable identity and they have the concept of segregation of identities, so it's a very interesting thing," Blunk says.
While blockchain is on Dell's radar, as well, the company only has fielded a small number of inquiries related to it. "We were solicited by a large city government to give a presentation and one of the specific topics for that was blockchain," Blunk says. "We're hearing it very, very little but we're starting to hear it coming from all of the corners of the industry. I wouldn't expect that to be showing up on roadmaps in the near future but it's something that's interesting."