Itâs perhaps best explained by a car crash.
As veteran entrepreneur Armin Ebrahimi tells it in interview, his car was hit by a truck two nights ago. The driver had no insurance, and he had little reason to trust him because of the poor quality of his government-issued driverâs license.
âThe picture didnât really match him. It was difficult to know itâs him, the picture was a little more clean cut. Itâs got a PO box address on it, so I took the information I could,â Ebrahimi explained.
Ebrahimi isnât just any driver. Heâs also the CEO of ShoCard, a blockchain technology startup thatâs seeking to harness the power of bitcoinâs distributed ledger to solve pain points with authentication such as those in this process. Whether itâs a true story or a convenient anecdote is unclear. Either way, the story cuts to the core of how ShoCard and blockchain technology can intercede and solve problems inherent in such an incident.
ShoCard, Ebrahimi asserts, aims to function as a mobile ID that can be verified in real time using a combination of cryptography and the immutability of bitcoinâs ledger. Perhaps most importantly, the company asserts identifying information could be verifiable without requiring users to give up control of their data.
Investors are already convinced the company has found a powerful use case for the technology. ShoCard recently raised $1.5m in funding from investors including AME Cloud Ventures and Digital Currency Group.
In interview, Ebrahimi provided a deeper dive into the underlying tech of the product he hopes will transform identity on the web, mobile and real world.
Ebrahimi told CoinDesk:
âWe create a private and public key pair that allows you to access the blockchain and create separate key pairs for each of the fields that youâre going to be storing [on your ShoCard]. So you have a master private key and private keys for individual data fields.â
While top of mind given his recent experience, Ebrahimi sees ShoCard as effective beyond insurance incidents, impacting how people verify themselves to e-commerce providers, banks or any third party to whom they must prove their identity to.
Though still in the pre-launch phase, ShoCardâs digital ID provides details such as the full name, address, signature, date of birth and physical details of each user. While it looks like a mobile driverâs license and contains the same information, the difference, according to Ebrahimi, is each field on the ShoCard is protected with cryptography.
âWe create signatures for each field. We create a hash that encrypts the data thatâs on there, then we create a digital signature of it, then put it on the blockchain,â he explains.
ShoCard doesnât put the userâs data on the blockchain, rather just its own cryptographic proof that the data is correct.
âAll you can do is validate that later,â he added. âI would give you my public key and name and say hereâs my entry on the blockchain with a signature. You can use that data to go in and validate it, but I have to provide you my name to validate it.â
If both parties in the car crash were using the ShoCard system, Ebrahimi said, the app could be made to produce a QR code that when scanned could allow the users to pass the blockchain record of their identities to each other securely.
âMy ShoCard would go in, pull the data out of it to verify that it is on the blockchain. Letâs say [the truck driver] was certified by the DMV and his bank. I could look at those [certifications] and say that these are ones that I can trust.â
Additionally, users could have control over what they share. In the instance of a car crash, a user might need to take another partyâs name and address before submitting it to a third party like an insurance provider.
âI donât have to see everything else,â he continued. âI donât need to ask for his weight and eye color.â
A similar exchange, he said, could also take place without QR codes using a Wi-Fi transfer protocol such as Appleâs AirDrop. Either way, digital data is validated securely using bitcoinâs secure digital ledger.
Still, Ebrahimi believes ShoCard will perhaps be most immediately useful online, where online authentication is increasingly handled by Internet giants such as Google and Facebook.
Part of the current problem, Ebrahimi argues, is that these companies earn revenue from reselling data, and further, they have the ability to update their policies often, and in ways that might not always be friendly to users.
ShoCard, Ebrahimi believes, could compete against these systems if it could achieve a similar scale because the blockchain would help return control to users.
âUntil the blockchain there was no way to build the best infrastructure, keep it as secure as you can and make sure no one can compromise whatâs inside. There are so many public cases where credit card data is breached, we see that happen publicly over and over.â
A former CEO of Buysight and Advertising.com, Ebrahimi was also a platform engineer at Yahoo until 2008. There, he managed Yahooâs user ID and login strategy, insight which he says allowed him to see the benefits of bitcoin.
âI was very fascinated with bitcoin and the infrastructure beneath it,â he said. âWhat I found is it provides a dramatically different approach to solving the problem and that the solution could be uniquely different than what was possible.â
He argued the blockchain provides compelling benefits even when compared to two-factor authentication, which he said has recently proven susceptible to hacking and interference.
âTwo factor is a great step forward in terms of providing security, but weâre looking at two years from now, how does that landscape change and how do we do we focus on identity.â
The most pressing challenge for ShoCard isnât technology, Ebrahimi acknowledges, itâs a question of scale. As the car crash analogy illustrates, ShoCard can only be as useful as the number of people and third-party institutions using it.
Identifying this âchicken-and-egg problemâ, Ebrahimi said, was a key factor in ShoCard choosing to adopt a business-to-business (B2B) marketing strategy.
âThe way we see this gaining traction is not us having end users download the product,â he said. âThatâs much more challenging because the use cases will be limited. What weâre looking at is working with enterprises and having them be the ones who roll this out to their user base.â
Ebrahimi suggested ShoCard is already talking to banks interested in the technology, but declined to name potential partners. Presentations for the company suggest ShoCard believes its solution could be a compelling alternative to services like Verified by Visa, which while allowing major financial institutions to leverage access to user data, require them to store it in centralized databases.
More immediately, Ebrahimi sees the service as potentially appealing to bitcoin companies that currently rely on two-factor authentication services or other tools.
âIdentity has become significantly more important for bitcoin companies as they start expanding beyond early adopters,â he said.
Until those partnerships are secure, however, the ShoCard product, will be kept under wraps. âThatâs how we can get a larger user base and those users will have a use case,â Ebrahimi said.
Still, the irony is that, while the blockchain is effectively a trustless system, ShoCardâs partners still have to trust the system, something that has been difficult for institutions given the negative publicity surrounding bitcoin as a currency.
Ebrahimi aims to overcome this with a two-pronged strategy. First, convince enterprise businesses that using the blockchain is more secure and efficient; second, use trusted brands as distribution partners to consumers.
The first case, Ebrahimi suggested, will be easier given that enterprise companies are already trusting authentication providers with their data. If ShoCard was a traditional authentication company, he said, it would have its own database, meaning partners would have to trust that information therein is properly maintained and that itâs not improperly modified or changed.
âThe people we have to convince, most of them are interested in blockchain,â he said. âA bank would have a hard time trusting another database, but you donât need to trust us in storing or maintaining the integrity of the data, making sure it doesnât get hacked into. I can independently validate the data and insist on its accuracy with an open database.â
Itâs still too early, he said, for consumers to comprehend the blockchain. But, Ebrahimi believes consumers donât need to necessarily understand it as long as they can use the technology conveniently.
He concluded:
âOne of the things weâve done is hidden away a lot of that complexity from the users. You understand looking at your ID, because itâs pushed out by a trusted enterprise.â
Photo by Noam Galai/Getty Images for TechCrunch
