Identification
TLDR: In Utopia public-key cryptography is used for identification, sometimes automatically. An authority verifies real-personhood without breaking anonymity.
Prerequisites: Passwords
The act of identifying someone is extremely common. From websites to conferences, there’s a need to figure out who someone is. On one hand it’s important for identification to be painless and fast, given how frequent it is, and on the other hand if identification is too easy there is no privacy, and it becomes trivial to track/stalk people without their consent.
We’ve already discussed how public-key cryptography allows users on a trusted device to instantly log in to websites by using keyfiles. This strategy balances the two concerns above. Identification is automatic, making it fast and painless. But because a device can generate an effectively infinite number of public/secret key-pairs, it can use a new identity for each website and service, preventing businesses from knowing anything about their patrons’ browsing history. Of course, once someone chooses to link accounts or otherwise provide a way of tracking them across services, that privacy disappears, but this tradeoff is one where users get to decide what they prefer.
But there’s a major problem with an identity scheme that only uses public keys to identify users: sock-puppets.
If a website is like Facebook, it actively wants to avoid letting people have multiple accounts. If a person can create thousands of accounts, simply by generating new random numbers, they can engage in malicious behavior like sharing a post thousands of times, creating a false appearance that their content is high-quality. This is a huge problem on the internet right now; by some estimates more than half of Facebook users are fake. The number is probably lower — Facebook themselves claim it’s closer to 5% — but regardless, the problem is there and huge quantities of time and energy are spent fighting to prevent false users on social media.
Captchas aren’t sufficient, either. While they help reduce the number of bots on a platform, they are easily defeated by a dedicated attacker. Modern artificial intelligence is actively being trained to defeat these measures, and at the very least people can simply spend a little extra time “proving they’re human,” or simply pay people in poor countries to do it for them.
What’s needed is a way to show a site some kind of proof-of-humanity that can only be used once, but doesn’t allow the site to conspire with other sites to track users or break anonymity.
Brick and Mortar
Let's set the digital world aside for a moment and talk about physical shops. And in particular I want to talk about shoplifting, which has likely been on the rise in recent years.
The main issue with preventing shoplifting is that confronting a thief is difficult and dangerous. Retail chains don’t want their employees to be hurt in a fight, and so employees don't have any reason to stop a shoplifter. As a result, more physical protections have been showing up, like keeping merchandise behind lock and key, which makes shopping less convenient for everyone.
Stores already had security cameras before this recent wave of theft, but a camera only goes so far when thieves are difficult to identify and the police are understandably busy with more serious crimes.
Utopian IDs
In Utopia there is a trusted authority called the Databank-of-People (DoP) that tracks every living person. If you’re the sort of person who’s wary of centralized/government institutions, take note that this service might alternatively be provided by a decentralized cryptoprocess. But I prefer the centralized authority because it allows for more specialization and means there’s someone who’s clearly responsible for fixing errors and helping those who fall through the cracks.
The DoP uses a mixture of methods to confirm people have a single record in their database. The primary mechanism is social vouching by parents, et cetera, but photographs, DNA samples, and other biometric data are also collected. Once someone has established themselves with the DoP, they can simply register any number of public keys as means of identifying themselves.
Each service/business/agency that wishes to verify that its users aren’t bots or duplicate accounts can then create an account with the DoP. When a new user needs to be authenticated, that user signs a message saying that they’re okay with the DoP revealing whether they’re human to that specific business. The business then (electronically) forwards the user’s approval and asks the DoP who the user’s public key is associated with. The DoP takes the user’s account number (if it exists), combines it in a hard-to-reverse way (a.k.a. hashing) with the account number of the business, and returns the result. Thus, the business gains a unique identifier that will be consistent even when the user switches devices, but which is different between businesses, and reveals no name or other personal info, preventing tracking.
A lot depends on the integrity of the DoP, so Utopia invests heavily in oversight and in protecting the institution from attacks and leaks.
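The lookup described above, as an added toy model that is not part of the original post: the DoP maps any number of registered public keys to one person account, answers a business only with consent naming that business, and derives the per-business identifier with a keyed hash. The unkeyed `naive_pseudonym`/`invert_naive` pair is included to show why the DoP must mix in a secret of its own: two small account numbers hashed alone are trivially enumerable, so a leak of the hashing method (or collusion between businesses) would re-link users. Account numbers, key bytes and the consent format are constructed for the example; verification of the user's signature on the consent message is assumed to have already happened.

```python
import hashlib
import hmac
import secrets

# Toy model of the Databank-of-People (constructed example, not a real system).
# The user's consent message is assumed to be signature-checked elsewhere; this
# shows only the pseudonym derivation and the linkage properties described.


class DatabankOfPeople:
    def __init__(self):
        self.key_owner = {}  # registered public key -> person account number
        # Secret held only by the DoP. Without it, anyone who can guess the two
        # (small) account numbers could recompute a pseudonym and link it back.
        self._secret = secrets.token_bytes(32)

    def register_key(self, person_no, pubkey):
        """A person may register any number of public keys (devices)."""
        self.key_owner[pubkey] = person_no

    def pseudonym(self, person_no, business_no):
        """Keyed hash: stable per (person, business), unlinkable across businesses."""
        msg = f"{person_no}|{business_no}".encode()
        return hmac.new(self._secret, msg, hashlib.sha256).hexdigest()

    def lookup(self, consent, asking_business_no):
        """The business forwards the user's consent; the DoP answers with the
        per-business identifier, or None if the key is unknown or the consent
        was given for a different business."""
        if consent["business_no"] != asking_business_no:
            return None
        person_no = self.key_owner.get(consent["pubkey"])
        if person_no is None:
            return None
        return self.pseudonym(person_no, asking_business_no)


def naive_pseudonym(person_no, business_no):
    """Unkeyed variant: 'hard to reverse' only if the inputs are unguessable."""
    return hashlib.sha256(f"{person_no}|{business_no}".encode()).hexdigest()


def invert_naive(pseudonym, business_no, max_account=100_000):
    """Recovers the person number behind an unkeyed pseudonym by enumeration,
    which is why the DoP must mix in a secret rather than hash the numbers alone."""
    for n in range(max_account):
        if naive_pseudonym(n, business_no) == pseudonym:
            return n
    return None
```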
There are no ID cards or papers in Utopia. People who are pulled over by police officers or otherwise need to quickly identify themselves simply do so by providing their name and perhaps a birthdate. The authority that grants driver’s licenses will have photos and other info on file that will allow police to more-or-less verify identity once given a name. But if a person really needs to prove their identity, they can do so cryptographically via trusted device.
Mobile devices can be configured to connect to specific WiFi/bluetooth networks and authenticate with them automatically. This connection can be combined with sensors in a store to automatically recognize and verify shoppers, just as if those shoppers had signed onto a website. Most stores in Utopia offer this service, with specialized check-out lanes that simply bill customers using financial information entered ahead of time, allowing people to skip manually entering payment information at checkout (and maybe even engage in some automated haggling). And, since identification is done cryptographically, no one at the business need even know the shopper’s name, address, et cetera.
In high crime neighborhoods, this kind of automated shopping is the norm. Customers are required to have an account (that has verified payment info) with the store to enter. (And again, clever use of keyfiles stored on trusted devices means signing up for an account is quick, painless, and requires no loss of privacy.) If someone is caught shoplifting by a security camera, the store can simply charge the cost (with added fine) to their account, with no need for a potentially violent confrontation or a need to involve police. Ironically, the presence of this technology makes shoplifting extremely rare in Utopia.
(Amazon Go has enough of a similar vibe (very utopian) to my ideas that it feels worth embedding their video. Alas, it turns out that “just walk out” isn’t a technology which reliably works yet, and in practice they were paying a legion of people to manually review 70% of sales. Without more advanced tech, Utopia probably still requires people to scan items.)