Building the Trust Graph

Blake Hall
Jul 4, 2016

Identity is the trust layer that underpins every transaction between people and organizations. For Americans, identity works very efficiently in the real world because state governments provide a neutral and trusted way to verify an individual’s legal identity through a driver’s license or a state ID card. Yet, because state governments have not issued a digital ID to fulfill the same function for online transactions, the Internet more closely resembles a series of intranets, with each website mandating the creation of a new login that is only useful at that website.

Because private sector companies are not neutral or trusted providers of identity like state governments — primarily because their incentives as a business are misaligned with consumers’ interests — the result is an online ecosystem where the most trusted logins are not portable and your most portable logins are not trusted.

A large bank like Wells Fargo would never let their customers use a Wells Fargo Single Sign On to create a bank account at one of their competitors because that would make it easier for their competitors to solicit their customers. Facebook and Google take advantage of their scale by forcing consumers to choose between the convenience of logging into a website without creating a new account and releasing control over how their data is mined and used with advertisers.

Trusted Logins Are Not Portable and Portable Logins Are Not Trusted. Government ID Cards, like a driver’s license, would be positioned in the top right quadrant if they existed in digital form.

At ID.me, we have built a platform — the ID.me Identity Gateway — designed to solve identity at the Internet level by Building the Trust Graph in a manner that enables the achievement of the four goals outlined below:

  1. Empower users to log in with one trusted credential at every website they visit by selecting from different, accredited identity providers capable of verifying an individual’s legal identity. Effectively, DMVs will be replaced by banks, telecoms, and other identity providers that gain accreditation.
  2. Use web services tied to authoritative databases that are capable of verifying other things that are true about a given legal identity such as income, student status, credit score, doctor status, patient status, etc.
  3. Audit applications that request an individual’s personal data to ensure they are not requesting more personal data than is reasonably required to complete a given transaction.
  4. Ensure that personal data is never centralized by one entity or in one database.

For a real world example, take the United States Department of Agriculture’s (USDA) Supplemental Nutrition Assistance Program (SNAP), more commonly known as the Food Stamp program. In order for an individual to establish eligibility for SNAP, USDA will need to have confidence in the citizen’s legal identity and income. In ID.me’s model, the user experience works as follows:

  1. USDA’s SNAP application owner sets an access requirement of high assurance in a legal identity and an income threshold for a household, currently $2,628 in gross monthly income for a household of 4.
  2. The user selects their identity provider of choice, let’s say a bank where the user already has an account or login.
  3. The bank provides the user’s legal identity to ID.me’s Identity Gateway.
  4. ID.me examines the access policy and sees that income verification is also required. ID.me routes the legal identity to the IRS, the best source for income data, and asks the IRS how many dependents were claimed on the last tax return and whether the gross monthly income is less than $2,628.
  5. The IRS can simply give a “Yes or No” response to establish income eligibility for SNAP without revealing the individual’s actual income.
  6. ID.me’s Identity Gateway adds the income verification response to the legal identity, encrypts the data, and sends it over to USDA. ID.me’s Identity Gateway does not retain any of the personal data.
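The six steps above can be modelled as a small brokered exchange. The following is an added sketch, not ID.me's code: the class names, the `tax_id` field and the sample records are assumptions made for illustration, and the encryption in step 6 is left out so the data-minimization properties stay visible.

```python
from dataclasses import dataclass

# Constructed sample records held by the income authority (illustrative only).
TAX_RECORDS = {
    "TAX-0001": {"gross_monthly_income": 2100, "dependents": 2},
    "TAX-0002": {"gross_monthly_income": 4000, "dependents": 1},
}

@dataclass(frozen=True)
class Policy:                        # step 1: set by the relying party
    assurance: str
    income_ceiling: int

class IdentityProvider:              # steps 2-3: e.g. the user's bank
    def __init__(self):
        self.requests_seen = []
    def authenticate(self, user):
        self.requests_seen.append("legal_identity")  # all the provider learns
        return {"name": user["name"], "tax_id": user["tax_id"],
                "assurance": "high"}

class IncomeAuthority:               # steps 4-5: answers a predicate only
    def income_below(self, tax_id, ceiling):
        rec = TAX_RECORDS.get(tax_id)
        if rec is None:
            return None              # unknown identity is not a "yes"
        return {"dependents": rec["dependents"],
                "below_threshold": rec["gross_monthly_income"] < ceiling}

class Gateway:                       # steps 4 and 6: the broker
    def __init__(self, idp, authority):
        self.idp, self.authority = idp, authority
        self.stored = {}             # stays empty: no personal data retained
    def run(self, user, policy):
        identity = self.idp.authenticate(user)
        if identity["assurance"] != policy.assurance:
            raise PermissionError("assurance level does not meet policy")
        answer = self.authority.income_below(identity["tax_id"],
                                             policy.income_ceiling)
        if answer is None:
            raise LookupError("income could not be verified")
        # Step 6 would encrypt this payload for the relying party (omitted).
        return {"legal_identity": identity, "income_check": answer}

def snap_flow(user):
    """Run the flow; return (assertion, what the IdP saw, gateway storage)."""
    idp = IdentityProvider()
    gateway = Gateway(idp, IncomeAuthority())
    assertion = gateway.run(user, Policy("high", 2628))
    return assertion, idp.requests_seen, gateway.stored
```

The relying party receives the legal identity and a yes/no income answer, never the income figure itself.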

At the end of the transaction, the identity provider is unaware of the additional elements of personal data that were verified, the broker does not retain personal data, the user is able to efficiently prove eligibility using an existing, trusted login they already have, and the government agency receives the personal data they need to make an eligibility determination without manual reviews and/or forcing the citizen to create a new login at that agency. Visually, the process looks like this, where solid lines indicate steps that the user must take to authenticate and dashed lines represent identity checks that are abstracted from the user experience:

Overview of the ID.me Identity Gateway

The end result of ID.me’s approach is an Internet where legal identity and other elements of personal data are portable across different websites without being centralized by any one entity. Like physical ID cards, the decision to display personal information to a given person or organization is left solely to the user based on their own preferences. In short, we envision a world where end users only have to manage one or two logins that are universally accepted by every different website they visit, just as a driver’s license or passport is ubiquitous across organizations in the physical world.

The team at ID.me is building the trust graph for the online world. Our mission is to make the world a more trusted place by facilitating efficient and transparent interactions between people and organizations. We are passionate about an online ecosystem where individuals, not organizations, are empowered to selectively share, or refrain from sharing, personal data.

If you are a talented developer seeking to make the internet safer and more efficient for everyone, we hope that you join us.


Written by Blake Hall

Founder & CEO of ID.me. Leading a talented team focused on increasing trust in digital transactions. Iraq Combat Veteran.
