<BaaSid presents its technology in Taiwan — Blockchain technology rises, emphasizing zero trust and de-identification>
TAIPEI — Based on the blockchain-based identity verification technology, in the past two years, some emerging industries around the world have paid attention to such applications, and now there are also operators in Taiwan. At today’s technology and information security seminar at NCCU, some industry players shared their latest technology and application architectures on this technology.
BaaSid Business Development Manager Kevin Dose was on the agenda of the conference today at a conference on legal development and information security organized by the University of Political Science International Business Alliance NCCU GLORIA (the University of Political Science Financial Technology Research Center and Bosat Information Security) and described the BaaSid identity recognition technology based on blockchain.
The issue of security for identity identification has been discussed by people from all walks of life in recent years. With the frequent leakage of accounting information and the lack of security of OTP verification, the world is paying attention on how to deal with such issues, and related technologies are constantly evolving.
For example, in the development of network identity recognition, the FIDO (Fast Identity Online) alliance was established in 2012, and the FIDO architecture was proposed. By publicizing the basic key structure, the server does not centrally store passwords and only keeps the public key, so that the responsibility of identity is kept safely dispersed on the device side. This seems to have a little decentralized meaning.
On the other hand, the application development of the blockchain is constantly expanding, from the decentralization of the original digital currency and payment system to the development of smart contracts and more financial applications, including trade finance, reinsurance, etc. It also includes the orientation of several identities. Such a trend is also worthy of attention. For example, we have heard before that some international players do not say that they are FIDO, but emphasize decentralization. The development of blockchain companies is also the management of account passwords.
It is worth noting that there are also operators in Taiwan that are promoting the provision of personal identity identification and verification services using blockchain technology. Today, James Huang, founder of BaaSid Boss Information Security, explained how they applied blockchain and provided ID login security protection during the seminar on “Development of Technology and Information Security in the Age of Big Data”. The seminar was co-sponsored by the International Association of Business and Industry of the University of Political Science, the Center for Financial Science and Technology of the University of Political Science and BaaSid, and included a wide range of topics including RegTech and Open Banking.
In the face of future security issues and trends, Huang Qicheng talked about Zero Trust and De-Identification as two important concepts at this conference.
How is the blockchain-based application applied to identity identification? Huang Qicheng pointed out that they are protected from the source of the data and there is no complete source of information. More specifically, they encrypt the identity data and split it on the blockchain to make the data more secure and quickly combine them to verify through the corresponding technology.
Mr. Huang pointed out that zero trust and de-identification are two important concepts in response to future security issues. They provide security for identity identification and verification through blockchain technology, and emphasize that there is no original file of the personal information.
In terms of BaaSid’s infrastructure, Kevin Dose, the company’s business development manager, further explained that they currently offer SDK or API applications. When users register, they go through four steps: encryption, split, distribution, and decentralized storage. , where the number of fragments can be defined by yourself. Later, when logging in, you can quickly verify the data. He also emphasized that these steps will be completed in a very short time, just as fast as the time of a credit card payment process.
From the perspective of their technical architecture, there are three key points. In addition to the BaaSid engine and block training, Kevin specifically pointed out that there is also a node named IPFS, which can be stored in hash to record message fragments. The allocation hash will put a part of the information into the blockchain, and the other part will be put into the user’s mobile device, the proportion of distribution can also be defined.
Why is such an architecture more secure? Kevin also explained that the cost of intrusion is too high for the potential hackers. If you want to invade, you must go all the way from the device side, the BaaSid blockchain node, the Core node, and then invade the IPFS node. You need to crack the protection of the four levels to get a complete data. At the same time, he also explained the application of their BaaSid in the concept of zero trust and de-identification. For example, it is through zero-trust authority management, to eliminate the abuse of the highest authority, to set the minimum permission according to the identity, to be unable to tamper with or delete the log, and to identify the protection through data to eliminate the possibility of data restoration.
As for the current development of blockchain security in identity, we will also learn from James Huang about this trend. He said that there are already many operators in the world who have adopted the blockchain-based approach to develop the identity identification mechanism. However, such issues are quite novel. At present, they have only developed for more than two years, but they also emphasize the current products and Technology is already there. In addition, they also hope to cooperate with the FIDO industry to develop more possibilities and optimistic about the development of the domestic digital identity card (NEW eID).
Moreover, there are already some industry players who value this application concept, such as Asia’s decentralized exchange STAR BIT, and began to cooperate with BaaSid to support KYC services. In fact, there have been many incidents of virtualized currency exchanges in the past year. Interestingly, cryptocurrencies have driven decentralized blockchain technology applications, but most of the exchanges themselves and their identity authentication mechanisms have adopted centralized technology. The situation should change in the future.