NOTE: The main goal of this article is to explain the idea behind the Speciface service and to present the author's view on possible directions for its development. Special attention is given to the safety of personal data. Several arguments are also offered for the usefulness of services of this kind.
Have you ever wondered how much people might know about the strangers around them? A silly question, you may think: if they are strangers, you simply can't know anything about them. Strictly speaking that isn't quite true: you can find something out just by observing their appearance, such as their height and the color of their skin, eyes and hair, and you can even guess other features, such as gender or age. But in general it holds: none of this tells you anything that really matters about a person.
Let's picture a simple scene. A young woman and her son, who is almost ten, were sitting across from a gentleman in a train carriage that was pulling in to a suburban station. The boy was fiddling with something, occasionally dropping it with a distinctive thud. “Why didn't you just leave it on the riverbank?” his mother asked, getting visibly annoyed. “I like this sea shell. It's hard as a rock and looks so unusual,” her son replied. “A sea shell? The nearest sea is thousands of miles away,” the woman said, giving him an indulgent smile. “And still this is a shell from the sea,” said the man, adjusting his glasses. “It's true! A real sea shell! I was playing by the river, smashing empty shells with a stick, but one of them…” the boy began eagerly, when the woman glanced at the stranger. A tiny light flashed near the corner of her glasses and her eyes suddenly softened. “Don't bother the professor with your endless stories, honey,” she said, more calmly now. “Please, it's all right, don't worry,” said the man, and turned to the astonished boy: “What if I told you that this fossil shell is around three hundred million years old? That it dwelt in the depths of the ancient ocean when not only people but even dinosaurs didn't yet exist?” The boy stared at the shell in awe, holding it carefully in his hands. “In our paleontological museum we have a lot of interesting things to see. Come with your mum, but leave your lucky stick at home, OK?” said the man with a smile, grabbed his coat and got off.
Despite the apparent simplicity of this scene, several questions remain. A keen reader will already have worked out that it was the woman's “smart” eyeglasses that told her this man was a professor. If so, why hadn't she used them earlier to find out whom she had been travelling with? And why should she trust that information at all? And what museum did this “professor” invite them to? He said nothing specific about it or its location. In the real world, however, the most important question is probably this: “Who keeps this personal information, where, on what grounds, and who has access to it?”
A few clarifications are in order. From here on, for simplicity, any direct or indirect information that may somehow relate to a person will be called “personal information”. This is reasonable, particularly as the line between “identifying” data and seemingly less important data is becoming ever more blurred. One should also bear in mind that the kind of access to personal information described above is already technically possible today. What matters far more here is that it can be made safe for every participant. Many readers will no doubt feel the urge to remind the author of the grim prophecies of total control found in famous dystopian novels and cyberpunk fiction, while others will recall the recent experience of certain countries in this field. But it's better not to jump to conclusions.
First, the identification method. There is no secret and nothing unusual here: the devices obtain biometric data by taking a portrait photo of a person. The way this data is used, however, is slightly different. Normally, identifying people reliably calls for a fairly complicated procedure, such as scanning their faces with several types of sensors to produce three-dimensional models. That complexity is fully justified when a device has to authenticate its user securely. In our case such sophistication is unnecessary, because the inquiring party is present and directly supervises the process. Moreover, the precision of the biometric data can be deliberately reduced still further, so that its theft or seizure is useless for any other, more precise identification: a coarse template is sufficient to confirm that the person standing in front of you matches the data, but too imprecise to be reused for finer-grained identification elsewhere. As will become clear below, only the users' own devices ever compare the locally captured biometric data with the data provided by the other party.
The main point to make is that no centralized storage of any personal information is needed. More than that, one's own data need not be kept anywhere except on one's own device. You may not have noticed, but the man adjusted his eyeglasses just before he joined the conversation. In fact that was a hidden command to his glasses: this is how he allowed the woman to access certain data kept inside them. The data was then transferred by direct wireless communication over a secure link established between the two devices. But why should anyone trust the received data? What if the man were simply an impostor? Clearly some authoritative third party is needed. (In fact, two devices can set up an encrypted link on their own, but without a third party neither of them can tell whom it is actually talking to.)
The role of this authoritative party can be played by a special network service. It is not necessary, however, for this one service to validate all the important data in user profiles, such as status, job title and so on: that work can be delegated to external services, organizations and even other users. More than that, such an intermediary service need only hold the results of evaluating specific functions, namely cryptographic hash functions, over blocks specially formed from the user's data, the approximate biometric data and a sufficient number of randomly generated bytes. The random bytes are essential: the other fields (a job title, a coarse face template) have little entropy, and without them anyone holding a published hash could recover the block simply by guessing. Simply put, modern cryptography lets this service check the data without keeping any identifying or sensitive information at all. It also means the service never has to demand the plain data for verification: comparing hash codes is enough, because the holder's device reveals the block only to the party it chooses, and that party recomputes the hash and compares it with the one the service holds.
Although things are becoming clearer, one might ask: what are the advantages over other ways of transferring such information (NFC, QR codes, RFID and so on)? The point is that, to verify the data they carry, most of these require the person to be formally identified, and people are compelled to put up with it. The disadvantages are obvious: it inevitably leads to de-anonymization, it requires sensitive personal data to be disclosed to the other party, and there is the trivial risk of failing to notice a forged document. With clever use of biometrics, manual identification can indeed be omitted. It is much harder, though, to avoid having the data signed by a particular authoritative party, which requires a reliable key management infrastructure, and private keys can still be quietly compromised. The intermediary service described above can instead use the biometric and other data to generate a unique hash code and offer to place it, as a registration code, on the corresponding web page of the authoritative party. The reliability of this approach then depends only on the authority of that web resource and on how securely access to it is controlled. For its part, the system can offer ways of countering attempts to point at fake resources, such as “white lists” of recognized authorities.
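The following is an added illustration, not code from the Speciface service: it puts the three pieces just described into one runnable flow. The holder's device coarsens a face feature vector (the reduced-precision biometric data), builds a block from the claims, the coarse template and fresh random bytes, and the authority publishes only the SHA-256 of that block as a registration code. A verifier that receives the block over the direct link recomputes the hash, checks it against the page of a white-listed authority and compares the template with its own local capture of the person. The last function shows why the random bytes matter: without them, the published hash of a low-entropy block can simply be guessed. The authority name "museum.example", the feature vectors and the candidate titles are all constructed for the example; the vectors stand in for whatever a face-recognition model would output.

```python
"""Hash-commitment verification of a claim plus a coarse biometric template.

Added example, not Speciface code.  All names and data are constructed.
"""
import hashlib
import json
import secrets


def coarsen(features, levels=4):
    """Quantise each float in [-1, 1] to `levels` buckets.

    The result is enough to confirm that the person in front of the verifier
    matches the block, but too imprecise to reuse for finer identification.
    """
    step = 2.0 / levels
    return [min(levels - 1, int((f + 1.0) / step)) for f in features]


def make_block(claims, features, salt=None):
    """Holder side: the committed block; `salt` is fresh random bytes."""
    salt = secrets.token_bytes(16) if salt is None else salt
    return {"claims": claims, "template": coarsen(features), "salt": salt.hex()}


def canonical(block):
    return json.dumps(block, sort_keys=True, separators=(",", ":")).encode()


def registration_code(block):
    """What the authority publishes: only the hash, never the block itself."""
    return hashlib.sha256(canonical(block)).hexdigest()


def verify(block, authority, authorities, live_features, max_mismatch=0):
    """Verifier side.  `authorities` is the white list: name -> published codes.

    Returns (True, claims) or (False, reason).  A real deployment would
    tolerate some quantisation noise via `max_mismatch`; 0 keeps the demo strict.
    """
    if authority not in authorities:
        return False, "unknown authority"
    if registration_code(block) not in authorities[authority]:
        return False, "hash not published by authority"
    live = coarsen(live_features)
    mismatches = sum(a != b for a, b in zip(live, block["template"]))
    if len(live) != len(block["template"]) or mismatches > max_mismatch:
        return False, "biometric template does not match live capture"
    return True, block["claims"]


def guess_claims(code, template, candidate_titles, salt_hex=""):
    """Attacker with only the published code: brute-force a small claim space.

    Succeeds only when the block was built without real random bytes.
    """
    for title in candidate_titles:
        block = {"claims": {"title": title}, "template": template, "salt": salt_hex}
        if registration_code(block) == code:
            return title
    return None


# Constructed feature vectors: enrolment capture, the same face later, a stranger.
PROFESSOR_FACE = [0.9, -0.4, 0.1, 0.7, -0.8, 0.3]
PROFESSOR_LATER = [0.85, -0.45, 0.15, 0.65, -0.75, 0.3]
SOMEONE_ELSE = [-0.6, 0.5, 0.9, -0.2, 0.1, -0.9]


def demo():
    claims = {"title": "professor"}
    block = make_block(claims, PROFESSOR_FACE)
    # The white-listed authority's page lists only the hash.
    authorities = {"museum.example": {registration_code(block)}}
    results = {
        "genuine": verify(block, "museum.example", authorities, PROFESSOR_LATER),
        "tampered": verify(dict(block, claims={"title": "director"}),
                           "museum.example", authorities, PROFESSOR_LATER),
        "impostor": verify(block, "museum.example", authorities, SOMEONE_ELSE),
        "fake_authority": verify(block, "fake.example", authorities, PROFESSOR_LATER),
    }
    # Why the random bytes matter: an unsalted block over a handful of plausible
    # titles is recovered from the public hash alone, a salted one is not, even
    # if the attacker somehow knows the coarse template.
    titles = ["student", "curator", "professor", "guard"]
    unsalted = make_block(claims, PROFESSOR_FACE, salt=b"")
    results["guess_unsalted"] = guess_claims(registration_code(unsalted),
                                             unsalted["template"], titles)
    results["guess_salted"] = guess_claims(registration_code(block),
                                           block["template"], titles)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

Note that the verifier never contacts the intermediary with the block: it needs only the authority's published list and its own camera, which is what keeps both the claims and the biometric data off any central store.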
Another important point is the prospects of such systems. Reliable pass cards and access control systems can be costly for businesses. Are those expenses always justified? Many employees wear badges, but who can be sure they are genuine? Yet people are often compelled to believe them and even to let a stranger into their home (when dealing with utility companies, for instance). Wouldn't it be great for everyone to have a simple way to check that the person they are dealing with is a genuine employee of a particular organization, even while that person is still outside the door? And this is only the most obvious of many possible uses. In fact, the approach lets everyone be grouped by a given positive quality, so that all can discover it each time they meet someone. Anything the holders may wish to reveal to somebody is suitable: abilities and skills, education, profession, merits, titles and awards, diplomas, certificates, personal qualities and political views, social and medical status, memberships, loyalty cards, tickets, pay checks, coupons, and so on. Only the authority of the data source matters. What we have, then, is an open, global trust and access-control system that nevertheless preserves the anonymity of all parties.
In conclusion, it is hard not to notice the growing, pervasive concern about objectionable uses of personal information and possible interference with privacy. This problem is such a huge, topical and painful subject, and is discussed so widely, that only a couple of comments seem appropriate here.
Let's recall several well-known principles that obviously need to be followed here. First, every service of this kind must be open source. Second, many security measures should be implemented to prevent all known types of attack and such possible misuses of the service as mass data collection, location tracking and the like. Finally, it would be far preferable to build the intermediary services, wherever possible, on fully transparent distributed architectures such as peer-to-peer networks.
Finally, a thought about the broader picture and where these technologies are heading in the very near future. It feels as if this genie is already out of the bottle. The rapid development and wide spread of opaque, centralized systems that use face recognition, personal data access and other identification and classification techniques, supported by some governments and large companies, has already begun and can hardly be stopped. As a result the social balance of power may change significantly, which presents obvious risks. In fact, though, this is merely a reflection of technological progress and should not simply be judged good or bad. On the other hand, civil society should look more closely at the opportunities the same technology can bring when applied differently, to improve horizontal communication. It might even turn out that such a system becomes a defense mechanism protecting human rights and freedoms in a changed reality. Who knows?