Gottfried and I just announced GAIN – Global Assured Identity Network at EIC 2021.
GAIN is an Overlay network on top of the Internet with all its participants Identity Proofed. For details, please refer to the slide that we used (see below).
Contact details for joining GAIN as well as the link to GAIN White Paper is in the slide deck. We are going to have a Panel Discussion on Wednesday as well, so stay tuned.
- Join GAIN to re-GAIN Trust
(Transcript of Nat’s portion)
In the beginning of the internet, there was trust. Everyone was known by the participating organizations, and everyone knew that they will be held accountable.
When the internet opened up for commercial use in the 90s, trust was lost. Now, the majority of the participants became anonymous and they perceived they are not going to be held accountable. As the result, a lot of criminals and bad actors thrived in the network. The wild-wild-west era of the internet arrived.
Since then, many effort has been spent to rectify the situation, to regain the trust. However, it has not been really effective. Financial crime, borne of illicit activities with unquantifiable human impact, costs the global economy up to 5% of GDP per year. A humongous amount is being spent on anti-money laundering and anti-terrorist financing but so far it has not been effective. For every $1,000 of ‘illegal funds’ in the financial system, $100 is spent on compliance, but only $1 is intercepted. That is only 0.1%.
On the flip side of the coin is the financial exclusion.
Many people are financially excluded because the cost makes it commercially prohibitive to onboard them.
Being able to act anonymously has great benefits on the privacy front in principle. However, what we have achieved is the situation where our personal data is in danger and good actors are easily tracked by bad actors. What we have is privacy for skilled bad actors and no privacy for the rest of us.
Why are we not successful in thwarting these despite 30 years of time and the cost that we have spent?
This is because we did not address the fundamental issue of accountability.
What we need is to re-establish the accountability of every participant within the ecosystem.
Such ecosystems can interconnect each other based on comparability and mutual recognition principles to form the network of accountable ecosystems that eventually covers the good majority of the cyberworld population.
One such ecosystem is what we are proposing today: GAIN – the Global Assured Identity Network.
GAIN is an overlay network over the internet that consists of accountable participants only. All the participants are identity proofed to fulfil the regulation when opening accounts at their hosting organisations primarily consisting of the banks and other regulated entities. These high assurance attributes are used as the basis of identity information that are passed from the identity information provider to the relying party per the instructions of the End-User.
This is very powerful because End-Users are now able to prove their attributes, such as age, attested by a trusted entity instead of self-claiming.
Now one can prove that “I’m over 18” using the attestation from her bank, instead of just saying “believe me!”.
This is very good from a privacy point of view. In the case of Self-attestation, since the information receiver cannot believe what she says,
she usually has to present some form of an identity document, such as a driver’s license to prove it. At this point, she is disclosing much more attributes than age.
Such capability is hinged upon the identity proofing previously performed. Identity proofing is a very costly process.
If you try to do it just for this purpose, it may become prohibitively expensive.
Banks and other regulated entities that need to do identity proofing for their core business have an advantage in this respect. The identity proofing cost has already been taken care of by their core business. It is just like a huge online retailer started to offer cloud computing services to better utilize their redundant capabilities that were only needed in the holiday season. Other hosting vendors could not compete.
Being identity proofed by the Identity Information Provider does not mean individuals cannot act anonymously in GAIN. Individuals can act anonymously or pseudonymously towards merchants and other participants in the network. In fact, minimum disclosure of their attribute is the norm. However, it is made possible to be traced back to individuals to hold them accountable if they misbehaved following due process. An entity known as a designated opener can open the history of transactions to point to the person then.
All business entities in the network are vetted as part of the creation and maintenance of their business accounts at their hosting organization, and they cannot remain anonymous. They will be accountable. As a result, the consumer has the assurance that they will be safe to transact with them—meaning more business for the Relying Parties. All of the good actors benefit.
The effect is global. Merchants can now access all the participants in the network globally just by registering and contracting once.
Individuals can access all the Relying Parties in the ecosystem with the assurance that they exist and will be accountable. True that there still will be some bad actors, but their scope will be much more confined. The ecosystem will be much safer than the internet as it stands now. It will be good enough to make actions for participants. The trust is now re-established.
No process is perfect. Even in GAIN, there surely will be bad actors, but they are going to be the exception, not the norm so that the problem is much more tractable. It will be “good enough” to take action.
Trust is Re-Stored.
(Gotffried’s speech continues)
10 Replies to “Announcing GAIN: Global Assured Identity Network”
It is time to re-read Islands in the Net. There will always be bad actors that cannot be excluded. Some of them will be sovereign countries.
“For details, please refer to the slide that we used (see below).”
But there is no slide below.
It was made public before I put the link. Sorry. Now you should be able to see it.
This is an excellent platform as a vehicle to establish
trust in the ecosystem. The attributes used to establish claim that is used today to prove who we are is fundamentally flawed as it pertains to ” possession”.
It is like a house key, whoever has the key can gain access.
Proof of identity behind any device used for access should be user centric and dynamically YOUnique.
Indeed. Too many people confuses attributes authentication and entity authentication.
GAIN bring in a set of trusted ID providers together to create a network of trusted identities for transacting, it’s a real progress !
It will then have to be backuped somewhere by regulations and recognized legally by countries in order to meet its initial objectives.
Indeed. GAIN is like a set of roaming agreement and it is dependant of national or regional Identity schemes’ success.
And here is the statement from IIF
Banks eye GAIN to bring trust to the Internet and wrest identity from the grip of FAANG
Profile picture for user pwainewright
By Phil Wainewright
September 14, 2021
LinkedIn group for GAIN