Yup. There are many working examples of SSI that have weak leveld of identity insurance.
C. Maxine Most
Principal, Acuity Market Intelligence
www.acuitymi.com
+1 720 530 5836
On Nov 22, 2023, at 11:31 AM, Pieter VanIperen wrote:
Wholeheartedly agree with Jay's analysis here. These are the exact issues I have faced when attempting to build this before. The sync of trust between device and vendor driven bios and witnessed bios(which have their own reliability issues) make the trust path vulnerable
On Wed, Nov 22, 2023, 12:45 Jay Meier mailto:jay@facetec.com> wrote:
There are many examples of an SSI model that is working in the field. The issue isn’t about whether it functions. Nor is the issue about distributed ledger data storage. The issue is the appropriate level of trust that the claimant is, in fact, the actual living human that was granted privileges by the issuing authority (the credit union in this case).
[image0.png]
This screenshot from that system highlights the point. “Bad data in is bad data out”…if you don’t know who you’re enrolling, you can’t know who controls the SSI credential or the device the credential is bound to. Moreover, the system says it uses face and/or finger biometrics. I promise you they refer to “device-native” biometrics supplied by the device manufacturer. But these are “Anonymous Biometrics”, which are biometric data that’s not bound to verified identity data anywhere AND can be replaced with anyone’s biometric data, who has the device PIN.
In this system, the very best applicant identity verification is weak at best and provisioning can only be done in the credit unions office. It can’t be done remotely, because you have absolutely no idea of who is supplying the verifiable identity data and who is in control of the device the credentials will be provisioned to. This exact vector is being used to commit identity frauds and breaches today.
Under these circumstances, the system effectively enables fraud, by allowing for the enrollment of a fraudster in the system, as a legitimate customer. And then it will authenticate that fraudster as a legitimate customer every single time, because the claimants credentials are irrefutable.
Make sense?
Jay
On Nov 22, 2023, at 11:22 AM, heather vescent mailto:puissant@heathervescent.com> wrote:
Hi All,
I got in touch with the people who did this. It is called Member Passhttps://www.memberpass.com/. Moderately successful with 20 credit unions and many millions of members. More details on how it workshttps://www.memberpass.com/about-memberpass/#:~:text=Recent%20advancements%2....
Reading the info, looks like they may set up the account in a member branch, using a specific app based wallet to hold the credential, which can then be used in person or online (and I might think in the metaverse scenario too).
Say what you will about decentralized identity, but this is working and has been in production for years.
Cheers,
-Heather
On Tue, Nov 21, 2023 at 9:22 AM Sean Lanzner mailto:seanlanzner@gmail.com> wrote:
Bad in, bad out is certainly a useful way to frame it. As Pieter says, the challenge with the VCs is multifold;
- is the ID legitimate? Tons of good fakes, especially in the US
- is the person in the selfie being compared to the ID a real live individual?
- how to continuously authenticate the owner of the VC held within a device or wallet is the same one who enrolled?
On Tue, Nov 21, 2023 at 10:09 Pieter VanIperen mailto:pieterwvaniperen@gmail.com> wrote:
This is not unlike other methods that have been designed. The problem here is at the initiation of linking the crypto assurance with the Identity. It's a garbage in garbage out problem. If the wallet is setup with a deep fake and a faked doc which matches each other, the assurance is now attached to the deep fake. So what assures the identity is authentic at initiation.
On Tue, Nov 21, 2023, 10:01 heather vescent mailto:puissant@heathervescent.com> wrote:
Jim,
It's not so complicated. I know Darrell O'Donnell and some Canadian banks were doing something like this for call centers in the early SSI days (like 4+ years ago). Seems doable with a wallet that holds VCs and interfaces with existing communications methods. Imagine if Signal App added a VC wallet. It's not unlike verifying your identity on LinkedIn.
I'd have to dig in more than the 5 minutes I spent this morning to vet the level of reality.
-Heather
On Tue, Nov 21, 2023 at 7:48 AM jim pasquale mailto:jimpasquale@gmail.com> wrote:
FYI: Sounds to good to be completely true.
https://youtu.be/Z5YkVll6P-8?si=Grp7TKos1qTgEXlK
Using Self-Sovereign Identity to Mitigate AI Deepfake Fraudhttps://youtu.be/Z5YkVll6P-8?si=Grp7TKos1qTgEXlK
youtu.behttps://youtu.be/Z5YkVll6P-8?si=Grp7TKos1qTgEXlK
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.orgmailto:dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.orgmailto:staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV
--
Heather Vescenthttp://www.heathervescent.com/
President, The Purple Tornado, Inchttps://thepurpletornado.com/
~ The Future in Present Tense ~
Columnist, Biometric Updatehttps://www.biometricupdate.com/?posttype=all&s=heather%20vescent
Author, The Secret of Spieshttps://amzn.to/2GfJpXH | The Cyber Attack Survival Manualhttps://www.amazon.com/Cyber-Attack-Survival-Manual-Apocalypse/dp/1681886545... | A Comprehensive Guide to Self Sovereign Identityhttps://www.amazon.com/Comprehensive-Guide-Self-Sovereign-Identity-ebook/dp/...
@heathervescenthttps://twitter.com/heathervescent | Film Futureshttps://vimeo.com/heathervescent | Mediumhttps://medium.com/@heathervescent/ | LinkedInhttps://www.linkedin.com/in/heathervescent/ | Future of Security Updateshttps://app.convertkit.com/landing_pages/325779/
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.orgmailto:dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.orgmailto:staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.orgmailto:dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.orgmailto:staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV
--
Heather Vescenthttp://www.heathervescent.com/
President, The Purple Tornado, Inchttps://thepurpletornado.com/
~ The Future in Present Tense ~
Columnist, Biometric Updatehttps://www.biometricupdate.com/?posttype=all&s=heather%20vescent
Author, The Secret of Spieshttps://amzn.to/2GfJpXH | The Cyber Attack Survival Manualhttps://www.amazon.com/Cyber-Attack-Survival-Manual-Apocalypse/dp/1681886545... | A Comprehensive Guide to Self Sovereign Identityhttps://www.amazon.com/Comprehensive-Guide-Self-Sovereign-Identity-ebook/dp/...
@heathervescenthttps://twitter.com/heathervescent | Film Futureshttps://vimeo.com/heathervescent | Mediumhttps://medium.com/@heathervescent/ | LinkedInhttps://www.linkedin.com/in/heathervescent/ | Future of Security Updateshttps://app.convertkit.com/landing_pages/325779/
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.orgmailto:dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.orgmailto:staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.orgmailto:dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.orgmailto:staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV
_______________________________________________
A Community Group mailing list of KantaraInitiative.org
DG-DeepfakesIDV mailing list -- dg-deepfakesidv@kantarainitiative.org
To unsubscribe send an email to staff@kantarainitiative.org
List archives -- https://mailman.kantarainitiative.org/hyperkitty/list/dg-deepfakesidv@kantar...
______
Group wiki -- https://kantara.atlassian.net/wiki/spaces/DG-DeepfakesIDV