Guest: Chris Boscolo
Presenter: Neal Howard
Overview: Chris Boscolo, CEO of lifeID, discusses the benefits of Blockchain Technology Security and how it relates to identity privacy in the business world.
Blockchain is a technology that serves as a secure point of coordination that allows a network of computers to come to an agreement on information and share that information with other computers without owning or controlling that process.
LifeID provides a single identity to the user to interact securely with the world. It’s an app that identifies the user to any chosen technology without using any usernames and passwords because lifeID uses your smartphone’s biometrics to identify you. Prior to founding lifeID, Chris Boscolo was Vice President of Development for Optimum Energy, a company that builds and markets cloud-based software solutions that optimize some of the world’s largest HVAC systems.
Neal Howard: Hello and welcome to Talkers.FM Business Radio. I’m your host Neal Howard, thank you for taking the time today. Our guest is Mr. Chris Boscolo with lifeID and he’s joining us on the program today to talk about blockchain technology and how that technology relates to identity, privacy and things of that nature in business. Welcome to the program Chris.
Chris Boscolo: Thank you very much Neal, glad to be on it.
Neal: Thanks. Well we’re talking about blockchain technology, what is blockchain?
Chris: So blockchain is a technology that allows for a network of computers to come to agreement on information and share that information with other computers without any one computer owning, or controlling or managing that process. It’s a shared process that all the computers agree to follow a certain set of rules and by following those rules, they all get to participate in this network.
Neal: Now you’re with lifeID. Give us a bit of background about yourself and talk about starting lifeID.
Chris: Sounds good. So first of all, my background is I come from internet security background. I worked many years in building firewall and VPN technology which used significant amount of cryptography and the various protocols that run and drive our internet. lifeID is a new way for users to login to websites and share information about themselves in such a way where they get to preserve and choose what parts of their personal information they’re going to share with the other parties and it uses the blockchain as a secure point of coordination for the identifiers that they’re going to use to share with other people. And so for example, let’s imagine a scenario where you’re going to log into a website that you’re going to rent an apartment from. So in today’s world, you’d give them a username and a password and then once you’re logged in, you would share all of this information about your current employer, how much money you make and you would send all this information to that website. They would then turn around and look it up in centralized databases like Equifax and these places that are storing our central data about our privacy information. With lifeID, it flips the problem around. Instead of logging in with a username and password, you use a cryptographic identifier that you choose and you possess and you use the blockchain to coordinate what that identifier is with that website. And then in addition to that, instead of sending all of this information about yourself, you send these cryptographically signed claims that for example from your employer might say, “Yes, Chris is employed at this company. He’s been here since 1999 or 2014 or whatever and he earns above this amount of money.” And by sending that over to the rental website, the rental site can then confirm that that employer did indeed sign it cryptographically so they can prove that the information is correct and the blockchain is a very secure platform for securing that information. And then that information that I sent them is only a small portion of what they need to know in order to carry out their business like for example, I am employed at that particular place of employment or I earn above some income without actually specifying what my income was.
Neal: So if I’m understanding correctly, rather than a “shotgun effect” when you give personal information, you get to pinpoint which information you give that is pertinent only to that recipient and then that recipient doesn’t have the opportunity or the ability to share information with others that they might need that has nothing to do with your particular transaction, is that correct?
Chris: That is exactly correct.
Neal: So this technology, it sounds extremely uncomplicated. Having a background in internet security, what are the chances of some unscrupulous characters working around the security?
Chris: Well that’s a great question. And if you’ve been following what’s going on with cryptocurrency and Bitcoin and all of those things, let’s take Bitcoin as an example. The Bitcoin network is worth oh my goodness, worth of 100 billion right now, right? That creates a very, very large financial target for people to try to circumvent the security if you will. So the benefit to the rest of us for using blockchain is because there’s such a big prize on that network financially for trying to break the cryptography or figure out ways to get around it, it means there’s a lot of people doing it which means that after Bitcoin spent now and that’s in existence since 2009 and has had no successful attacks against, it gives us really good confidence that the security layer is rock-solid. And so, that’s something that as we use this technology for other applications, we have the confidence of knowing the security layer is pretty rock-solid and it’s unlikely that somebody is going to be able to circumvent the security measures.
Neal: What about just mentioning Bitcoin, the mining. Is all of the security based on the electronics, based on these servers and their cooperation with each other, how much human interfacing is done to make this transaction secure?
Chris: So there’s two parts to this answer. The mining part has to do with arriving at consensus on updates to the shared information and then there’s cryptography that’s involved with actually securing the data. There’s a lot of research and there’s a lot of ongoing developments on the cryptography side and we feel pretty comfortable with the key sizes we’re using today that the measure of the secure nature of the cryptography itself. So the information that we share using the cryptography, there’s a high degree of certainty that that’s not going to be vulnerable for many, many, many, many, many years. The mining part of it though has to do with as I said with the consensus on all of us agreeing that the update that I presented with my identifier is the one that everybody should use. That part of the network protocol if you will is definitely vulnerable for mining attacks if you want to look at those. But there again, Bitcoin is one example of a blockchain based network that has survived as I said of nearly ten years of people trying to attack it and thus far has been resilient.
Neal: Let’s talk about the financial benefits. Obviously from a security standpoint, saving money by not having to resolve security issues, or legally or otherwise, how is a company going to benefit greatly financially as far as efficiency is concerned?
Chris: So there are the efficiency gains. The one thing that lifeID strives to do is make the user experience so much better than the password model that we’re using today that users actually enjoy the experience and its adoption for example for signing up new users will be higher. But there’s another aspect that’s coming into play which is nations and even in the United States are pushing regulations of the form of for example in Europe, there’s GDPR which are regulations that are intended to preserve the privacy of the individual and requiring that companies follow certain privacy first designs and regulations about what can be disclosed and how their information can be shared. And so, the fines for not following these regulations are going to be quite high for companies. And so, an approach for identity that is this privacy first approach that the lifeID architecture embraces is going to help companies navigate these regulations that are coming in the next one to five years. So there’ll be a large efficiency from just the user experience being more efficient but then there’s also this ability to satisfy the regulatory side of what’s going to be coming in the next five years and in a way that’s going to preserve the privacy of the individuals.
Neal: We’d like to learn some more about lifeID, where can we go online and do that?
Neal: Great. Chris Boscolo, CEO of lifeID. Thank you so much for joining us here on the program today, it’s been a pleasure.
Chris: Thank you very much Neal.
Neal: You’ve been listening to Talkers Business Radio. I’m your host Neal Howard. Transcripts and the audio of this program are available at Talkers.FM.