Just the name, globalID, might arouse suspicions among the tinfoil hat crowd.
To others, the startup’s stated mission may sound like an anarchic hippie’s dream: create a decentralized system of
In reality, globalID falls in between the two extremes. The company claims its approach can restore data privacy for individuals and expand access to financial services for the poor while helping regulators and law enforcement to locate bad actors.
“If we design our identity systems right, we shouldn’t have to have a world of Mad Max or George Orwell,” said Greg Kidd, a co-founder and the chief executive of globalID, “so that essentially privacy and security could be complementary.”
The San Francisco-based company said Thursday it had raised $2 million in a second
Assuming it works as advertised, globalID’s proposed architecture for digital identity could alleviate a major cost for banks: storing and securing sensitive
On the other hand, portable identity would also reduce
“If you don’t have to reestablish the authenticity of a consumer’s identity every time they engage in a financial service, that will reduce the cost of giving access to an account or
Hence, the setup would “enhance competition in financial services,” said Barr, who was a key architect of the Dodd-Frank Act and teaches law and public policy at the University of Michigan.
While there are
GlobalID envisions a world where PII would no longer be promiscuously shared. (How many strangers have you given your Social Security number, street address or birth date over the phone?) Instead, this data could reside only in two places: an encrypted "data store” on users’ phones and an offline “identity vault” maintained by globalID or a provider it has certified.
Rather than forking over personal information to sign up for services, users could point to third parties’ assertions about that information (e.g., “OVER_18” rather than “born Feb. 13, 1961.”), tied to their names on a
The identity vaults would serve two main purposes: one, to assist with
“Banks have to make this fundamental decision: What business are we in?” Kidd said. “They are in the identity business, in a way. They are a trusted source of
The
Investors in globalID include Arbor Ventures, CampOne Ventures, and Kidd’s own venture capital firm, HardYaka.
Alka Gupta, another co-founder and globalID’s chief operating officer, said the company expects to make its money in part by charging large institutions a fee for
Before starting globalID, Kidd was the chief risk officer at the payments technology provider Ripple from 2013 to 2015, and the companies' strategies are similar. Both seek to
Early adopters of bitcoin, whose attitude toward regulation ranged from indifferent to hostile, viewed Ripple as the cryptocurrency equivalent of
While at Ripple, Kidd
Privacy is likely to become a flashpoint in digital identity
“Nobody could come and do a mass search that could result in a mass data breach,” Kidd said. “But you might be able to ask a question about one identity to drill down to get the PII with due process, but no bulk access to PII.”
Yet users
“We need to have the courage
Unlike Facebook, “we’re not in the business of reselling” personal information, he said. “We’re only in the business of meeting your BSA/AML responsibilities, say for filing a SAR. You’ve got to prove that you’re there looking for SAR information.”
Gifford, Kidd's former colleague at Ripple and Promontory and an early adviser to globalID, argues that the data vaults are preferable to the secret “
“Better to have a front door people can walk through with appropriate procedures than to have no door,” in which case authorities will still “find a way in,” said Gifford, who was also a co-author of the Windhover Principles, a 2014
To hardcore advocates of self-sovereign identity, though, a door is a door, and a nonstarter.
“We’re dead set against that,” said Timothy Ruff, the CEO of Evernym, the company that developed the software for
Philosophical questions aside, startups need users. So far, globalID has a pilot test in the works with Viamericas, an international remittance company based in Bethesda, Md.
Paul Dwyer, the CEO of Viamericas, said a mobile app that takes into account multiple attestations, including the user’s contact list, can be a more reliable proof of identity than physical documents alone. “It’s harder to fake being somebody who has hundreds of contacts,” he said.
Viamericas, which facilitates money transfers to 34 countries, also sees this technology as something that could help the company diversify.
“The other products and services we can offer to our senders and receivers cannot easily benefit from the identity work we do around the money transfer service because the methods of collection and storage of that information are adequate for purpose, but not easily portable,” Dwyer said.
An identity designed to be reusable “will facilitate our entry into adjacent services,” such as stored-value cards, he said.
Barr, the former Treasury official, said such a system would also promote global
“One of the pervasive problems in the developing world,” he said, “has been how to help people establish who they are for purposes of financial services.”