World ID – Changing the world or sci-fi dystopia?
By Alan Goode, CEO and Chief Analyst at Goode Intelligence
Would you let a shiny metal orb scan your iris for Crypto and a T-shirt printed with “unique human” written on it? Well, over two million people around the world have signed up to Worldcoin (WLD), an iris biometric cryptocurrency project developed by San Francisco and Berlin-based Tools for Humanity and co-founded by Sam Altman, founder of OpenAI and creator of ChatGPT.
The crypto-focused project aims are to create a global unique digital identity (World ID), a global currency (Worldcoin token, WLD) and an app (Word App) that enables payment, purchases and transfers using its token. Central to these three components is the Orb, an iris-scanning device that verifies proof-of-personhood (PoP).
World ID is an open and permissionless identity protocol that can be used anonymously to prove uniqueness and humanness.
If Altman wanted to generate a ton of noise surrounding Worldcoin, he has certainly achieved his ambition. Not all of the noise is positive though, with questions over the actual use of the Worldcoin token and privacy concerns raised by a number of data protection and privacy regulators including France’s CNIL and the UK’s ICO.
There is so much to unpack in this story and a lot has been already said about the merits of the project and the reaction from the world’s regulators. I will concentrate this article on my thoughts on the World ID ‘Technical Implementation’ white paper, including how the biometric components operate.
How does World ID work?
The first step for someone wanting to get a World ID is to download the World App, a mobile wallet designed to bring digital ID and global finance to all. When the World App works in verified mode, the Orb is used to verify proof-of-personhood (PoP).
Enrollments starts with the user creating a Semaphore keypair on their smartphone, referred to as the World ID keypair. The Orb associates the public key with a user’s iris code, whose current sole purpose is to be used in the uniqueness check.
Proof-of-personhood answers the question, “are you human and unique?” It doesn’t answer the question of “who are you?” (identity verification), or “are you who you say you are?” (authentication). For the purposes of this project, World ID’s creators believe that this is an adequate level of verification.
The Orb is used to verify World ID users based on proof-of-personhood principles. The Orb is a custom device that has taken three years to develop by an in-house team at Tools for Humanity. The decision to engineer a device in-house was taken because the team believed that off-the-shelf technology, including smartphones, were insufficient for their requirements. The white paper states that “smartphone cameras are insufficient for iris biometrics due to their low resolution across the iris, which decreases accuracy.”
Iris is a good choice for World ID as if you are looking for a biometric modality that can scale to billions of users with a very low false match rate, then iris is currently the best choice. The UK’s National Cyber Security Centre (NCSC) states that “Iris recognition is considered to have a very low false match rate and is often selected to be used where population sizes are large.” As Worldcoin has lofty aspirations of reaching billions of people globally, then the product and engineering teams have chosen an excellent modality.
The white paper goes into great lengths to detail the design and operation of the Orb. The Orb’s iris system uses multi-angle and multi-spectrum cameras to create a high-quality image and to prevent spoof attacks. All iris codes captured by the Orb are signed by a secure element to ensure they have been collected by an authorized device. The device is powered by an Nvidia Jetson Xavier NX that enables running several AI algorithms at the edge in real time that can distinguish spoofing attempts from genuine humans based on the input from those sensors locally.
According to the white paper, “no images are stored unless users give explicit consent to help improve the system for everyone.” I am assuming this refers to training reasons, but it does seem to blow a hole in the privacy claims if iris images are being stored. As the Orb is being used around the world in areas where literacy may be low, I am not too sure if whether a World ID user will be qualified enough to make an educated decision on whether to permit their iris image to be stored or not. Several data protection and privacy regulators have expressed concern on this process and have started to enquire about the detail of biometric data and storage. CNIL, the French data protection authority, said in response to a Reuters question on Worldcoin “The legality of this collection seems questionable, as do the conditions for storing biometric data.”
The enrollment process for generating a World ID and verifying at an Orb is described in the white paper and is as follows:
- Person downloads the World App and generates a World ID keypair
- Person visits an Orb and verifies their account by generating a QR code on the World App and presenting it to the Orb
- Orb checks person is human, alive and non-fraudulent, and captures both irises
- The Orb takes the iris images and converts them (hash function) into the iris code
- Orb computes iris code locally and signs it using the Orb’s secure element
- Images from the sign up are destroyed “unless explicitly approved by the user for training purposes”
- World App randomly generates secret key, and from it the identity commitment
- Key is stored locally
- Checks the iris code is far enough from all previous ones (based on the Hamming distance calculation), and Orb signature
- Stores the new iris code on Blockchain
- The contract is created by inserting the new identity commitment into the Merkle tree
Thoughts and conclusion
For World ID, the use of iris biometrics in a strikingly designed metal orb is statement of intent for its backers. One that has certainly attracted a lot of attention, even though some of it not so positive. It is a supremely ambitious project, one that has had many critics. I recently posted a question to my LinkedIn network “Is the Orb an expensive gimmick or is it the most viable solution for ensuring that a person is unique when onboarding for World ID?” I received a lot of comments with most of the respondents saying that it was a gimmick. It is definitely dividing opinion and is very similar to the polarization of opinion that we are seeing for Cryptocurrency, SSI and a number of other blockchain-based initiatives. There is also a threat that, despite publicly advocating privacy preserving design and Zero-Knowledge Proof (ZKP) principles, It falls into the trap of portraying biometrics as part of a wider surveillance dystopia. The device itself looks like it fell out of a William Gibson book.
I also believe that a problem for Tools for Humanity is that they have developed a very heavily engineered solution to solve one part of the identity conundrum; are you a unique human? From what I take from the white paper, they haven’t solved the ‘what human are you?’ question. I understand that this may go against some of the foundational pillars for decentralized identity and the coin community but if you want a world identity that can be used for voting, for setting up a bank account or for receiving universal basic income (UBI) then I believe you need to know what person is bound to that identity.
You would also expect an ambitious global project of this sort to be managed by an established world authority such as the World Bank or the United Nations, not by a group of tech entrepreneurs.
I do think that there are positives that can be taken from the project. The project does chime with a number of important trends that I am seeing in the biometric industry that include the importance of biometrics to digital identity and to the growth of stand-alone biometric devices supporting a wide range of applications including travel, hospitality, sports and entertainment, and retail. I believe that this is a positive step as it pushes biometrics into mainstream press and biometric vendors and suppliers could positively ride on the back of this noise.
I am sure this story will run and run and I shall definitely be following how the project proceeds as part of my continued research into biometrics and digital identity.
About the author
Alan Goode is CEO and Chief Analyst at Goode Intelligence.