Armin Ebrahimi is the Founder and CEO of ShoCard.
Ebrahimi is a well known industry veteran and has an extensive background in scalable platforms, online services, mobile-development and digital advertising.
Most recently, he was CEO of Advertising.com Dynamic Retargeting (formerly Buysight), an AOL company. Prior to that he was Senior Vice President of Platform Engineering at Yahoo!, with responsibility for Yahoo!’s registration and anti-fraud platform services, as well as premium services including Yahoo! Small Business, large partnerships including AT&T and Verizon, Yahoo! front doors, including My Yahoo! and Yahoo! front page. He built Yahoo!’s original Display Advertising platform that served over 20 Billion transactions/day. Armin founded and was CEO of TRIicon Solutions, acquired by Tandem Computers. Armin has a Ph.D. in Organizational Management from Capella University and B.S. and M.S. in Computer Science from California State University – Chico.
Armin Ebrahimi: Identity in the Digital World using the Blockchain
1. Identity for a Mobile World
ShoCard Confidential and Proprietary
2. ShoCard Confidential and Proprietary
2
Our Vision of Tomorrow
ShoCard is designed to be the single
digital identity card that enables this
…securely and with user-privacy
People will expect access to what matters to
them by simply proving who they are
…
They expect it to be fast & simple;
And they expect it to work in both the digital
and physical world
3. ShoCard Confidential and Proprietary
These IDs are all an “Abstract” of who
we are, but in different forms and
different places – each leaving a Footprint
of our identity in different locations
6. ShoCard Confidential and Proprietary 6
ShoCard Overview
• ShoCard is a digital identity card platform that
consumers use through a mobile app built on top
of the public blockchain data layer.
• It's as easy to use as showing a driver’s license,
but so secure that banks can rely on it.
• The ShoCard platform uses public/private key
encryption and data hashing to safely store and
exchange identity data.
Secure, Consumer-Friendly Identity Verification
7. ShoCard Confidential and Proprietary 7
ShoCard Technology
• Simple user interface to read and scan driver’s license
information
• Private information NEVER stored outside of user’s phone
• Uses BlockChain to store one-way hashed signatures to
validate user data
• No 3rd party trust system - BlockChain is open database
and user PII is kept on their own device. ShoCard maintains
no trusted data on users.
• Use of multi-factor and out-of-band communication using
multiple private/public keys for security.
BlockChain is the infrastructure used in Bitcoin
8. ShoCard Identity Platform
Scan ID
Private data kept on device
ShoCard
Identity
Services
- Each field is hashed
- Then digitally signed while on device
- Result sent to ShoCard Service
- Split private-key used to write
hashed record to the Blockchain
Blockchain…
Note: Data is never exchanged in clear text
9. Why Identity on the Blockchain
Bank 1
Verification
Bank 1
database
Blockchain…
Certification record
Verify User &
Certification
Bank 2
Bank 2
database
Government
Gov
database
Merchant
Merchant
database
10. • Identity is ultimately the identification of a real person.
• TouchId provide for access-control, but not physical person
identification.
• Access-control is good when a person is to protect others
from using his identity. E.g., preventing someone from using
his phone App to approve something.
• Biometrics identification is necessary to protect others from a
potential bad-actor. E.g., making sure the person boarding a
plane is indeed the person they claim to be.
• Any biometric data can be supported with ShoCard, including
but not limited to facial-recognition, voice and iris-scan.
Biometrics and Identity
11. Biometrics – how it works
Facial Recognition Example
User takes a
selfie
Selfie added to
other id info on
the phone
Blockchain
Seal
Signed Data (including
selfie) is Sealed
on the blockchain
ID Info (including selfie)
shared with a 3rd partyNew Image taken
Facial Recognition performed
Certification
User Seal (including
selfie) is Certified
User shares data & selfie with 3rd party
3rd party retrieves Seal & Certification
3rd party takes new image & does
facial recognition
12. • Most commonly referenced with Bitcoin. The Blockchain is the
infrastructure that allows for Bitcoin, the virtual currency.
• A blockchain is permanent ledger where records are written to,
and once confirmed, they cannot be deleted or modified.
• Records can only be written by the owner of the record using their
private key.
• Everyone can view the record using the owner’s public key
• If data is stored on the record, it can be protected with further
encryption and hashing to avoid spoofing, but still prove
ownership.
• The blockchain is a highly distributed database-ledger with
thousands of copies of the ledger throughout the world.
• The hashing algorithm used to connect the blocks of data
together, creating the chain, are virtually impossible to break.
The Blockchain
13. 13
Use Cases
• Credit card transactions — verify individual’s identity & authority to
use card (improving 3D Secure protocol).
• Financial accounts — verify identity and account ownership without
compromising privacy (biggest driver of identity theft), e.g. anti-
phishing process, online banking security, no-password-login.
• Allow Customer Care groups authenticate users in seconds over
the phone. No more long series of questions to ask the user.
• Everyday authentication & authorization — register for and log
into websites.
• Air Travel Identity Management – Allow users to register once and
travel through different airports with simple facial recognition.
14. ShoCard Confidential and Proprietary
Use Case Demos
• eCommerce
• Call Center
• Website Login
• User Credentials
15. ShoCard Confidential and Proprietary
eCommerce Credit Card Authorization
Step 1:
Shopping online Step 2:
Enter credit card
info as usual
16. ShoCard Confidential and Proprietary
eCommerce Credit Card Authorization
Step 3:
User recieves push
notification
Step 4:
User receives request
to authenticate using
Touch ID
Step 5:
User verifies
purchase
17. ShoCard Confidential and Proprietary
Step 6:
Order is approved
eCommerce Credit Card Authorization
18. 18
easy verification – call center
Step 1:
Call Center Rep initiates
authentication by entering
customer’s User ID
19. 19
easy verification – call center
Touch-ID Prompt Login Verification Authenticated
Step 2:
Customer receives
notice to authenticate
using Touch ID
Step 3:
Customer verifies
login
Step 4:
Secure authentication
complete
24. Bank
User Credentials
Blockchain
Seal
Data is Sealed
on the blockchain
ID Info shared with Bank
Certification
User Seal is Certified
User shares data & Certifications
with 3rd party
3rd party retrieves Seal & CertificationsIt validates CreditScore=95 by Bank
Bank adds new certifications
Certify CreditScore=95
User CreditScore=95
User claims Bank CreditScore of 95
Our vision of tomorrow is that people expect to access what matters to them in a quick and easy way. They currently do it in a way that’s cumbersome, time consuming and often times very frustrating if you’ve ever forgotten your username and pass word or had trouble answering the security questions with a call center.
The other thing that’s happening is the blurred lines between the digital and physical worlds. A lot things people do in the digital world affect them in the physical world, so they want that to be highly secure.
What we’re doing with ShoCard is ultimately to provide for that and do that through a single digital identity and do it securely and very importantly is maintain that user privacy.
There have been a lot of attempts at creating this concept of a Federated ID but what’s often being violated, is user privacy. It may be a perception, but there is a lot user data out floating around so that potentially becomes a problem.
So with ShoCard what we have is something that’s Secure, Consumer-Friendly and the ability to really identify and verify that identity.
Mobile App that a user can download, to create a highly secure digital ID that can be used for all your identity needs
Built on top of the Blockchain, it allows you to store and share your identity in a highly secure manner using public/private keys
Easy as a Driver’s License, but secure for enough for Banks. We felt if we built something secure enough for financial transactions that it would be secure enough for anything else.
Some key things to note here about the ShoCard identity platform:
Although we use the mobile device to scan the data from the drivers license or passport, We never store any of the user’s private information outside the device. We encrypt it and keep it on there.
We capture every field on that card, and we create a hash and digitally sign that using the private key that we created with the mobile device, and that private key stays on the device itself.
All PII is encrypted and stored on the users phone, and cannot be reverse engineered, even if you have that users private key
Very important for us not to have any leakage of data
Creating your ShoCard is snap and takes 30seconds.
Scan the ID. All PII data remains on the device with the user [CLICK]
A set of private/public keys are created for the user and a digital RSA signature is created for each field, and sent to the ShoCard server [CLICK] [CLICK]
These signatures are then written to the block chain using the user’s secure block-chain private key, proving ownership of the record by the user
The user gets back a new blockchain address that refers to its unique record – this record is considered their ShoCard ID and used for communication in the future.
The reason we use the blockchain and I’m going to take you through this process called a certification.
You have the user, you put a hashed copy of your record on the blockchain
Then what you can do is KYC verification of that data with a 3rd party. You insert a new record on the blockchain and that’s the certification.
Now we do all of that digitally. So we go through the process. You get the data, we validate the data with the record on the blockchain. We confirm you are the owner, the person who gave us the data. You have the private key you can use to sign the transaction ID you gave us, it matches the record on the blockchain so we know that record is now yours. We do the KYC checking and we actually use partners to do that. It’s verifying the drivers license appears correctly, the name address matches, the format is correct, during the validation and if everything is correct, then a new record is inserted indicating this is certified user.
Our core patent is around this whole certification process.
Now a user can go to a bank and provide their credentials, their ShoCard ID, the bank can check that against the record on the blockchain and see the certifications and if they trust that KYC verification, they don’t need to create a new certification, they can trust that it’s you and know that its good.
You can use those same credentials with a govt database a merchant anyone else you go yo. You present your ID and you can actually prove that your ID was validated by another party and this is me.
A ShoCard ID can be used for a variety of use cases where user identity must be definitively identified:
1. credit card transactions
2. login into a web or a mobile-app without supplying username/passwords
3. Allow banks Customer Care organization authenticate a user over the phone using their ShoCardId in seconds (versus an array of questions that can be presented by a fraud)
3. Authenticating email communication affirmatively to prove the email was sent by the bank and intended specifically for the user owning the particular ShoCardId. With this, Phishing emails can be eliminated.
4. Banks can seal each user session with a badge on the web page with proof to the user that they are on a legitimate site and “their own” session by using their ShoCard ID. A hacker will never be able to replicate this.
Now we’d like to walk you through some use cases using your ShoCard that’s been sealed and certified.
Here’s an example of how you can use your ShoCard for credit card authorizations when shopping online but it works the same in card present situations as well.
You visit an eCommerce site to shop for a pair of shoes, [click] you enter your credit card info as usual, and when you click buy [click] you get an immediate notification on your mobile device that you have a purchase to approve. [click]
[click] You are then asked to authenticate using touch ID which is required to access your private key [click] so that you can approve or reject the transaction. [click] [pause] Before your purchase is approved
If you don’t recognize the transaction you can reject it or just let it time out.
We are working on a apple watch notification so we will have that option soon as well
Now we’d like to walk you through some use cases using your ShoCard that’s been sealed and certified.
Here’s an example of how you can use your ShoCard for credit card authorizations when shopping online but it works the same in card present situations as well.
You visit an eCommerce site to shop for a pair of shoes, [click] you enter your credit card info as usual, and when you click buy [click] you get an immediate notification on your mobile device that you have a purchase to approve. [click]
[click] You are then asked to authenticate using touch ID which is required to access your private key [click] so that you can approve or reject the transaction. [click] [pause] Before your purchase is approved
If you don’t recognize the transaction you can reject it or just let it time out.
We are working on a apple watch notification so we will have that option soon as well
Now we’d like to walk you through some use cases using your ShoCard that’s been sealed and certified.
Here’s an example of how you can use your ShoCard for credit card authorizations when shopping online but it works the same in card present situations as well.
You visit an eCommerce site to shop for a pair of shoes, [click] you enter your credit card info as usual, and when you click buy [click] you get an immediate notification on your mobile device that you have a purchase to approve. [click]
[click] You are then asked to authenticate using touch ID which is required to access your private key [click] so that you can approve or reject the transaction. [click] [pause] Before your purchase is approved
If you don’t recognize the transaction you can reject it or just let it time out.
We are working on a apple watch notification so we will have that option soon as well