Article By: Raj Ananthanpillai, originally published on Forbes
Have you ever stopped to consider how many times you’ve shared your driver’s license, Social Security number, or other personal details just to prove something basic about yourself?
Every time we start a new job, open a bank account, rent an apartment, or even join a new app, we’re typically asked to hand over the same sensitive data again and again. It’s no wonder data breaches and identity theft are rampant. We’ve been spraying our personal info all over the digital world just to participate in it.
I’ve long argued that businesses need to rethink the practice of collecting and storing consumers’ personally identifiable information (PII) for every identity screening. There must be a better way to verify “Is this person real and trustworthy?” without making you constantly give up your PII.
Introducing the Trust Credential
As it turns out, a better way is on the horizon. I call it the Trust Credential for Life or your own Trust Token for Life.
In a nutshell, a Trust Credential or Token is your digital trust passport. Instead of sharing your Social Security number, driver’s license, passport, and other personal information with every company or platform that asks, you would have a single, reusable digital credential issued after a thorough, one-time verification with your participation, similar to TSA-Precheck.
One-time Verify and Lifetime Trust is the Mantra
This credential will be stored as a token in your digital wallet and remain under your control. When someone needs to verify something about you, you don’t send over a PDF of your whole life story to an unknown third party, who then gathers and provides it to the requesting relying party without your knowledge or participation. You just directly share the specific proof that they need from your Trust Credential, and the relying party will instantly verify it with the credential issuer, just like a credit card transaction.
How Would This Work in Practice?
First, you’d sign up with a trusted service, which I call a Trust Bureau, and undergo a comprehensive verification process once.
You would prove your identity by scanning your government-issued ID and perhaps taking a live selfie to confirm your face matches. You’d also consent to any background checks you want included. For example, you might want your credentials to attest to a clean criminal record and a valid professional license.
All of this is opt-in and transparent.
You choose which verifications to undergo and include, and you get to review the results. If any data is obviously wrong, your dispute can get it corrected before your credential is issued. This is a radical shift from today’s model, where errors in background checks or credit reports often blindside people later.
Importantly, this credential is cryptographically signed and tamper-proof. It’s a bit like a digital badge of your trust that you carry with you. And here’s the key: the personal data underlying those verifications is not exposed each time you use the credential. Instead of showing someone your full background report or ID documents, you produce a token or cryptographic proof from your credential that confirms the relevant fact.
Of course, all this relies on strong security and trust in the system issuing the credential. This is where technologies like blockchain come in. By recording credential transactions on a permissioned blockchain ledger, we get an immutable audit trail and protection against tampering.
A Better Way
The benefits of this model are huge. For individuals, it means no more repeated or oversharing of personal data just to get through life.
You don’t have to share your personal information with every landlord and then worry about whether they keep it secure. (Keep in mind that most landlords use third parties to perform the background checks, and you have no idea who that is, what they have about you, how they store your data, or if it was ever hacked or breached.) And you don’t have to grant every new relying party, such as potential employers, full access to your background report. You share only what’s necessary for the task at hand.
For businesses and organizations, the Trust Credential can dramatically streamline verification processes. Businesses don’t have to collect and store PII, pay hefty cyber insurance premiums and compliance infrastructure, or constantly worry about data breaches. One of the most compelling aspects for consumers is portability. This credential is yours for life and is continuously updated. You might update it periodically with any changes, such as new professional certifications, address changes, name changes, etc., but you don’t have to start from scratch each time you interact with a new company or platform.
In short, the Trust Credential aims to be the last identity screening you’ll ever need. Once you have it, you can prove who you are and key facts about yourself to anyone, on your terms. No more repetitive form-filling. No more faxing documents to strangers. And no more making copies of your private info and hoping every recipient keeps it safe.
We stand to solve both data oversharing and verification fatigue in one swoop. People regain control of their personal information, and verifiers get what they need quickly without wading through extraneous data. It’s a win-win that flips the current script, where trust verification is opaque, involving repetitive sharing of your PII at the expense of privacy and risk of data breach.