Worldcoin’s eyeball scanning technology has been polarising since its launch, with many feeling it’s the natural evolution of security in an AI world, whilst also drawing fears from many who cite it as intrusiveness.
Payment Expert gained the insight of Daniel Fogg, Chief Executive Officer at IOV Labs, as he discussed the tech, its drawbacks and potential impact on the payment space.
Payment Expert: Why do you think there is such controversy around Worldcoin’s eyeball scanning solution?
Daniel Fogg: Simply put, with some exceptions, any data that is put on the blockchain is publicly available, obscured but visible, and it could be there forever with the inability to take it down.
For example: if you look at any Bitcoin wallet address, you can see the transactions it has made, the amount of money in it, and which users it has transacted with, but you would never know who the wallet belonged to. This is the concept of pseudonymity – you know it’s there, but you don’t know who it belongs to.
Worldcoin’s solution suggests that an individual’s iris will be scanned, used to generate a cryptographic hash, and that hash will be stored on the Ethereum blockchain, but as per the pseudonymous nature of the blockchain, no-one would know which hash belonged to which individual. That said, the issue still stands that this hash is on the blockchain for other individuals to see, potentially forever.
In terms of controversy, much of this stems from a lack of knowledge and understanding of the proposition as it is still in the early stages of rollout. Many people may be concerned regarding the security model or privacy implications of the orb, whilst others may be concerned that this is just another Silicon Valley big tech solution that they don’t want to trust by default. Most importantly, it’s an individual’s biometric profile on the line.
PE: What are your thoughts around the privacy fears?
On one hand, giving away this data seems terrifying, but on the other, cryptographically speaking, no one should ever be able to access that data unless the permissions were there.
Worldcoin will have a security model which prevents people from accessing the imprint of other people’s iris, but there is no guarantee that these security models will be effective in the future.
Of course, there is always the risk of hacks and security breaches, as well as the consideration that future advances in quantum computing could lead to the capabilities to crack encryption – this is why people are concerned. Afterall, the token or address is associated with the biometric data of a human being.
However, I would be extremely surprised if Worldcoin had arrived at this point with an unstable security model, and I’m sure this isn’t a ‘half-baked solution’. You can do things with cryptography which makes things unopenable, hence the millions of dollars of Bitcoin that individuals can no longer access as they have lost the keys.
I am pro-technology and pro-experimentation, and as an early adopter I’m not particularly worried about the potential associated risks. In fact, I will likely have my iris scanned and get a WorldCoin wallet.
That said, I do understand the concerns and I will take advice from our team of security experts, cryptographers, and researchers at IOV Labs, as well as doing more research into Worldcoin’s security models myself first.
PE: Biometrics are common in fintech. Why are people so concerned here?
Ten years ago, individuals would have rejected the biometric face scanning required to access Apple devices. We’ve broadly bought into the security model that Apple has built the technology upon, called the secure enclave, as no one can access the chip in each phone which stores the biometric data.
It’s likely that Worldcoin will have an approach in place to ensure no one can access the imprinted iris data through cryptographic protections, however we don’t know how strong this protection will be in 50 years time, and whether the data will still be protected. I think the level of uncertainty will be causing the most concern.