Presented on Friday, 13 July 2018 at the ITP Conference in Wellington, New Zealand
Kiwis can't express their identity digitally and securely across cultural backgrounds, across competitive boundaries. This is an ongoing, permanent problem so far. Yes, there are ways for it, e.g. using RealMe, Google federated identity, etc. But they all have their "warts". Some are expensive or cumbersome to use from an organisation's perspective. Others are leaking meta-data to corporates, whose goal is to use your information to be able to sell to you in a better way, thus making the end user The Product (TM). Yet others are lacking critical mass among the population to be successful.
A Bloomberg Intelligence's Report ("The year Ahead 2018") is quoting the cost for the US banking sector for KYC (Know Your Customer) or AML (Anty Money Laundering) breaches to total US$ 16.1 billion from 2008 to 2015. The same report cites the Royal Bank of Scotland to employ 2,000 staff (early 2017) exclusively to comply with KYC rules, with the expectation to lower this headcount by 95% given a viable digital solution.
Due to the magnitude of this problem, a local major bank has kicked off an initiative with the local community to venture into solution opportunities.
This paper presents the background to the problem statement, the goal definition and particularly the approach taken for the system. Design decisions and evaluations will be discussed for this system under the project title of "Kauri ID", a self-sovereign, blockchain-based identity infrastructure. It puts the user at the centre, and no company or organisation owns identity information or acts as a (formal) guardian.
Kauri ID employs privacy by design, enabling fine-granular, selective and confidential data sharing. Authenticity is implemented via a web of trust, attesting identity attribute claims.
Even though Kauri ID is inherently self-sovereign, sovereign aspects can be catered for via governmental attribute endorsements, thus building a bridge between New Zealand's RealMe system and Kauri ID.