By Roberta YoungCategories: AI & Technology

The Bleeding Edge – Biometric Blockchain

By Roberta Young & Brent Hunsaker

Blockchain has become widely known because of bitcoin and cryptocurrency. While there are many other uses for the technology, blockchain remains a crucial component of cryptocurrency. One application of blockchain technology has been proposed for worldwide adoption: Worldcoin. Worldcoin proposes creating a new cryptocurrency, Worldcoin, that uses blockchain technology for security and an iris scan to verify a user’s unique identity.[1]Audaciously, Worldcoin’s creators are working for world-wide adoption, however, significant issues arise with this concept. To understand the issues, it is necessary to understand what Worldcoin is proposing, the technology being used, and how that technology operates. In addition, blockchain as a security device will be discussed. A number of significant legal issues across the globe may arise, including issues with European and U.S. privacy laws.

Worldcoin is a new cryptocurrency that is in technical and scaling trials in India. Worldcoin aims to create the most widely and evenly distributed cryptocurrency by giving every person on earth. the same small amount of the currency: 25 Worldcoins.[2] The focus has shifted from digital currency to a system for third parties to leverage its registry of “unique humans” for identity-focused applications.[3] To date, more than 700,000 users in 25 countries have signed up with an iris scan.[4] The founder of Worldcoin, Alex Blania asserts that the company’s technology may also help solve internet security issues, namely, how to prevent “fake” identities from disrupting online activity, while preserving user privacy.[5]Another potential use case is distributing a universal basic income (UBI).[6] A bold goal for the company is to facilitate “digital democracy” and empower more individuals.[7] UBI has been tested in Chile, Finland, and Kenya.

Those lofty goals utilize a biometric technology that is facing considerable pushback. The biometric approach uses an iris scan and is performed using an iris scanner known as “The Orb.”[8] One advantage of the iris scan is that each person can register only once. Questions have been raised with respect to privacy, security, and transparency. Another challenge is that the network effects that were presumed to make the coin more useful than previous cryptocurrencies may not materialize, due to the ongoing fallout in cryptocurrency.

Security is provided through the concept “Proof of Personhood,” a combination of custom hardware, machine learning, cryptography and Blockchain technology that assigned a unique digital identity with complete anonymity.[9] Security is theoretically ensured because each user’s iris is unique, even more so than a user’s retina or fingerprints. However, it is theoretically possible that a user’s iris may change due to injury, accident, or eye surgery. Somewhat similar technology is being deployed at airports around the U.S., Clear, a product of the company Secure Identity, LLC allows travelers to purchase a pass that incorporates a facial scan with U.S. identity documents, thus tying an individual to the identity documents. While the Clear scan process focuses on the person’s eyes, the technology does not incorporate an iris scan. Clear uses a facial scan that uses measurements of a subscriber’s facial features to uniquely identify them. “The Orb” relies solely on an iris scan.

“The Orb” is a custom hardware device that is portable and captures iris scans of individuals willing to sign up for Worldcoin.[10] In addition to “The Orb” Worldcoin also uses a Worldcoin application. When signing up, an individual first downloads the Worldcoin application onto their smartphone or other electronic device. One installed the Worldcoin application creates a pair of linked cryptographic keys: a shareable public key and a private key that remains hidden on the user’s smartphone.[11] The cybersecurity technology has multiple layers and applications throughout the process, which begins with obtaining the iris scans, generating a 250 point map of the iris and compiling that map into a hashed iris identifier code. The use of a public-private key encryption algorithm in the smartphone application generates a unique public-private key set. The public key generates a quick response (QR) code that “The Orb” reads prior to scanning the enrollee’s irises.[12] “The Orb” is the name for the iris scanner. The enrollee’s irises are then scanned and a hash of the enrollee’s public kay is sent to Worldcoin’s server in a signed message.[13]A check is then made in the Worldcoin database to determine if the enrollee has previously signed up. If they have not, the enrollee is added to the database.

Public-private keys are used frequently. Public-private key cryptography is asymmetrical. Once a user has a public private key set the owner may provide the public key to anyone. The recipients can then use the public key to send an encrypted message back to the key owner. The key owner then decrypts the received encrypted message with their private key. All messages encrypted by the public key can only be decrypted by the private key. In addition, the public key can also be used to create a digital signature in a message to ensure authentication of the message sender. One vulnerability of public-private key systems is known as the “man-in-the-middle” attack.” “Man-in-the-middle attacks may be prevented by both parties controlling the communication system, something that may not be possible when using web-based applications. Enrollees in Worldcoin must keep the application current and their smartphone secure. One further development, quantum computing may increase the vulnerability of public-private key cryptography, making brute force attacks more feasible.

The public key hash is added to a registry on the Worldcoin blockchain.[14] To obtain the new enrollle’s free Worldcoins, the company uses z zero knowledge proof (ZKP). The ZKP lets a user prove knowledge of a secret without revealing the secret. The Worldcoin application wallet uses an open-source protocol to generate the ZKP showing that the enrollee’s private key is linked to a public key hash on the blockchain, without revealing which block.[15] Once the connection is verified by Worldcoin’s servers, the coins are sent to the enrollee’s wallet, which currently is an I.O.U.

Iris scanning was first proposed in 1936 by Frank Burch, an ophthalmologist who believed that every person’s iris is unique. Even identical twins have unique irises. A person’s retina may change over time, the iris does not. Surgeries such as cataract removal or corneal implants do not change iris characteristics. The texture of the iris resembles a network with multiple surrounding circles and patterns that can be mapped and measured. Each person’s unique iris pattern needs to be recognized in order to pass a biometric scan and allow identification.

There are two stages in performing an iris scan of the eye. First a snapshot is taken of the iris, usually done through a one-time photograph. Two photographs are taken, one under normal lighting and one under invisible infrared lighting.[16] Invisible infrared light is used in night vision devices and has a slightly longer wavelength than ordinary red light. The infrared light assists in recognizing the unique patterns of the iris in darker eyes. Both photographs are then analyzed by a computer and unnecessary details, like eyelashes, are removed. Software is used to highlight approximately 240 features in the iris pattern.[17]All unique characteristics found for each eye are converted into a digital number consisting of 512 digits, that is known as an iris code. If the iris code matches one of the iris codes already in the database, the individual is positively identified.[18]

The iris codes provide one level of security and the blockchain provides a further measure of security. Blockchain is a digital technology that combines cryptography, data management, networking, and incentive management to support checking, execution, and recording transactions between parties.[19]A blockchain ledger is a list, or chain, of blocks, or groups of transactions that are to be recorded on the ledger. There is no central control and there is no trusted third party.[20] Blockchain is a distributed ledger that is encrypted at each one of the distributed nodes. Trust is provided by the collective jointly operating the Blockchain.

Blockchain systems have significant disruptive potential because they can process challenging issues in data replication and system state synchronization with high integrity. Specifically, blockchain provides integrity criteria that are to be checked for each transaction and block. A blockchain is a constantly updating document that grows as additional transactions are added.[21] One key distinguishing feature is the blockchain is append-only, meaning that only new transactions can be added. Old transactions cannot be modified.[22]Blockchains offer strong cryptographic mechanisms and incentive mechanisms. For Worldcoin, blockchain is used to maintain a ledger of enrollees and provides a digital ledger technology. The distributed ledger is structured into a linked list of blocks.

Worldcoin faces a number of potential legal issues with the plan to sign everyone up for the new cryptocurrency. One legal issue that may arise during the sign-up process is informed consent. Users may not be aware that they may be signing up for a global identity system. Informed consent is crucial in many medical contexts, and because an iris is biomedical information, the iris scans fall under the Health Insurance Portability and Accountability Act of 1996 (HIPAA)[23] This act governs access and security related to protected health information. HIPPA establishes U.S. standards to protect individual medical records and other individually identifiable health information. The unique nature of an iris scan is that it is individually identifiable. Individuals have rights over their protected health information, including rights to examine and obtain a copy of their health records, to direct transmission to a third party, and to request corrections. The only way to correct a blockchain is to append a new corrected block and at present there does not seem to be a mechanism for an enrollee receive a copy of their information, unless it is an unhashed copy of the iris scan.

Another potential legal pitfall concerns informed consent and children, a troublesome issue for a planned world-wide coverage identification system. If the goal is truly to cover everyone, then the issue of informed consent applies to children. In California children 12 years old and older may consent to some services, such as medical care and counseling related to the diagnosis and treatment of a drug or alcohol related problem. Children 12 and over may also consent to treatment for an infectious, contagious, or communicable disease if the disease is one that is required by law to be reported.[24] Otherwise, in California, the age of consent is 18.

It’s impossible to revoke and reissue your own iris, and, the iris registry cannot be audited because the blockchain storage does not allow audits. A security issue also exists in that unhashed iris scans have no security measures applied to them. In addition, there is no ongoing link between enrollees and their World Ids issued by Worldcoin.

Still further issues concern privacy laws, both in Europe and in California. The European Union General Data Protection Regulation (GDPR) governs how the personal data of individuals in the EU may be processed and transferred.[25] The GDPR went into effect on May 25, 2018. The GDPR is broad, personal data is considered any data or information that relates to an identified or identifiable living individual. Iris scans certainly qualify under the GDPR. The GDPR also covers processing data, including such actions are collecting, recording, storing, and transferring data. The intent to offer goods and services in Europe is relevant to determining if the GDPR applies. Because Worldcoin intends to offer cryptocurrency and related services, the GDPR will likely be held to apply.

California has also passed a privacy act, the California Consumer Privacy Act (CCPA). The CCPA was passed in June 2018 and allows any California consumer to demand to see all the information a company has saved on them as well as a list of all third parties the data is shared with.[26] More specifically, California consumers have the right to know about the personal information a business collects about them and how it is used and shared. The right to delete personal information collected from them (with some exceptions). Both of these rights could conflict with the Worldcoin model. While enrollees may know that the iris scans will be used to identify them and to tie their Worldcoin to them only, they may not be aware of other uses the information may be used for. The right to delete information poses a particular challenge for the blockchain model. Given that the blocks in the blockchain cannot be deleted, compliance with the right to delete becomes problematic.

Additional rights include: the right to opt-out of the sale or sharing of personal information and the right to non-discrimination for exercising their rights under the CCPA. This also poses potential problems, as the iris scans are separated from other identifying information. A potential mitigating factor is that, at present, a market for a copy of an iris scan may be small or non-existent. However, if iris scans become more widely used, then this may become a larger problem. For now, Worldcoin may be able to avoid applicability of the CCPA, as a company must serve California residents and have at least $25 million in revenue. Failing to comply with the CCPA is costly, companies may be fined up to $7500 per record. Given the number of people Worldcoin seeks to serve, the CCPA fines could destroy the company.

Worldcoin is an interesting concept with unique features and technology. While the goals of the company are lofty and worthwhile, significant roadblocks exist and will likely hinder adoption. It seems deeply ironic to use a de-centralized mechanism like Blockchain to implement a universal identification scheme, which also has significant authoritarian aspects. For those reasons, skepticism is healthy and necessary.

[1] Edd Gent, A Cryptocurrency for the Masses or a Universal ID”, IEEE Spectrum 42 (January 2023).

[2] Id.

[3] Id at 43.

[4] Id.

[5] Id.

[6] Id.

[7] Id.

[8] Id. at 44

[9] Id.

[10]

[11] Id.

[12] Id.