What's Up with Tech?
Tech Transformation with Evan Kirstel: A podcast exploring the latest trends and innovations in the tech industry, and how businesses can leverage them for growth, diving into the world of B2B, discussing strategies, trends, and sharing insights from industry leaders!
With over three decades in telecom and IT, I've mastered the art of transforming social media into a dynamic platform for audience engagement, community building, and establishing thought leadership. My approach isn't about personal brand promotion but about delivering educational and informative content to cultivate a sustainable, long-term business presence. I am the leading content creator in areas like Enterprise AI, UCaaS, CPaaS, CCaaS, Cloud, Telecom, 5G and more!
What's Up with Tech?
Reimagining Identity Verification in a Digital World
Interested in being a guest? Email us at admin@evankirstel.com
What if you never had to share your social security number or personal details again? What if there was a way to verify your identity and background just once, then reuse that credential securely for life? Trust might be the new digital currency, and Trua is building the exchange.
The digital world demands proof of who we are at every turn, but our current verification systems create massive security risks. Each time we provide our personal information for a background check, membership sign-up, or service enrollment, we're creating another vulnerable data honeypot. With data breaches costing companies an average of $4.5 million and affecting millions of consumers, it's clear our approach to identity verification is fundamentally broken.
Raj Ananthanpillai Founder & CEO shares his vision for a revolutionary Trust Bureau that gives individuals agency over their personal data while providing high-assurance verification to businesses and organizations. Drawing inspiration from post-9/11 security initiatives and addressing the shortcomings of using Social Security Numbers as universal identifiers, Trua has developed a blockchain-based system that could eliminate 70-80% of data breaches by preventing unnecessary PII proliferation.
The implications are enormous. From streamlining pre-employment screening and preventing North Korean infiltration of tech companies to simplifying verification for gig economy workers, Trua's approach puts individuals at the center of the verification process while reducing regulatory burden and security costs for businesses. By tokenizing identity attributes and using zero-knowledge proofs, verification can happen without exposing underlying personal data.
Ready to reclaim ownership of your digital identity? Discover how trust is becoming the new digital currency, and why the future of verification might look a lot like having a mobile driver's license in your digital wallet—secure, user-controlled, and universally accepted.
Discover how technology is reshaping our lives and livelihoods.
Listen on: Apple Podcasts Spotify
More at https://linktr.ee/EvanKirstel
Hey everyone. Fascinating chat today as we ask. The question is trust the new digital currency with Trua Raj. How are you?
Speaker 2:I'm doing well, Evan. Thank you very much. Thanks for having me.
Speaker 1:Well, thanks for being here. You have an amazing background and biography and mission at Trua. Let's start with that, with some introductions. What inspired the creation of Trua?
Speaker 2:The Trua has basically been on my drawing board for many, many years. We used to do a lot of work for the public sector after 9-11 in terms of catching bad guys, and we built many, many mission-critical systems. But one of the things that came about after 9-11 was you know, how do you determine a trusted traveler? Because the traveling public was the biggest thing, as you know. That was the biggest issue. So I said, hey, how about we develop a reusable credential that they can swipe through when you go to any airport that is acceptable by TSC at that time, and then you know, that way they don't have to redo. It's continuously screened and continuously monitored. There you go. That's where the origin started, which is, you know, it's called Trusted Traveler, registered Traveler, and then it moved on to TSA PreCheck. That was the evolution of that whole thing. And then, once you get it, you reuse it anytime and it's always monitored and it's current, up to date, because you get it once. As you can imagine, I'm sure you've used TSA PreCheck.
Speaker 1:I can yes.
Speaker 2:Yeah, so you get it once and then move on. The only thing that they did not do, which I kind of hinted at them hey, you need to figure out how the identity piece works, right, because they did not have the identity component. They had the background component. I said, no, no, we're going to have them. Show them their ID and then we will scan it and then we look it up, right, because we want to make sure that at least we match the face with the individual. I said there is a way to code that and then you show. At that time, I said have a QR code very popular. You can do a QR code scan and then the picture should pop up and then, boom, you let them in. And I said no, they just wanted to move on with the actual physical. Looking at the, either a government issued ID, like a driver's license or a passport.
Speaker 2:So, and then many years go by you know we've been working on this for many years and then, finally, it dawned on me after the big breach that happened in, I believe, 2017, the Equifax breach and they said hey, why do you guys need a social security number for everything? And one of the executives from Equifax testified in Congress. That's the key identifier. And I was yelling at my TV. I said, listen, social security, was2 wages to kind of close the loop on employers giving you compensation, and then they report that to the IRS and they tie it up and that's what it was meant for filing taxes and so forth. But over the last 25, 30 years, 25-30 years, everybody starts using Social Security as a key indicator in terms of figuring out who you are and, of course, with all the breaches and everything, all the other fraud people have started piling up on top of it. Oh, I want to verify your phone number. Now you have digital device, which is, in this case, mobile phones. Phone number is also teed up to verify the authenticity of the individual.
Speaker 2:When I say identity, I just want to make sure I'm very clear here. We are talking about human identity, not just logging, passwords and other things that you use. It's purely determining if the human is the human on the other side of the wire, so to speak. So that's where we said you know what this is ridiculous. Let me get our concepts and other things developed.
Speaker 2:And that's when we developed TRUA, which is basically combining the concepts of TSA pre-check and then the driver's license or government ID verification, which is basically verifying the identity of the individual, because, as you know, government issued ID is what I call the fundamental ID of every individual in the world. Literally Any government will issue an identity when you're born or whenever you seek it, and then that is used as a true identifier. So we said, okay, how about we integrate that as well into this TSA PreCheck concept and then call it TRUA, which is basically you get it once, reuse it for the rest of your life, and that's what the TRUA concept was. We officially launched it in 2023. And we have, I would say, as a company, we have a couple of other products, but we have close to 75, 80 customers now.
Speaker 1:Fantastic and you describe Trua as a platform, a built-around, verified trust. What does that mean practically for individuals or businesses, managing their employees' reputation or identity? How does that work in practice?
Speaker 2:So basically it's, you know you have two problems always right. One is in case, if you study Uber, how it started? Right, they had the problem of a driver and the consumer, so they were working parallel. Okay, how it started? Right, they had the problem of a driver and the consumer, so they were working parallel. Okay, how do I get more drivers? How do I get more consumers? And that's how the whole ecosystem was developed over time.
Speaker 2:It's the same concept, right? So either you build around and say okay, go to all of the third party relying parties or verifiers and say, hey, will you accept this? Or we start building use case by use case. The first use case we started was obviously pre-hire screening, because that's been the analog world forever, literally the traditional background check. It's always done by a third party, like when you apply for a job, the company asks you to fill out a bunch of information, including your PII, and then they transmit that to a third party background check company and then they talk amongst themselves whether you're qualified or not, or you want to get a job or not. You are absolutely in the dark. You never know what's in your background and at least the credit report. Think about it. It was the same concept until about 2008,.
Speaker 2:When the financial crisis happened, cfpb was formed. They said, oh, you got to have at least one credit report per consumer every year. You have to show them at least one to see what's in there. But try disputing that, by the way. It's next to impossible, right? Hey, this is not me, this is my dad or my brother, whatever it is.
Speaker 2:So we took some of those things from the credit bureau concept and say, okay, we need to modify it. We need to be able to let the individual verify their data to make sure they cannot change anything. That means they verify their data and make sure they cannot change anything. That means they verify their data and say, yep, this do belongs to me. This particular infraction belongs to me, whatever it is, or you can dispute it ahead of time. And then you get the truer score, which is basically like a fico score, and then, once you get that, you can use it for any purposes. So we are trying to create both the relying party and the verifiers and then, at the same time, building up momentum for acceptance for individuals to start getting this. So it's basically think of it like a credit bureau you have a credit report and a FICO score. We have a truer report and a truer score for everything else in life.
Speaker 1:That is fantastic. So many use cases and applications of this One is things like background checks, which feel like black boxes, very slow ones at that Yep.
Speaker 2:And another big difference is the background check you can only do after you're offered a job. That is because it's fully and heavily regulated, because A you're not in the loop. That's why they want to regulate. They can't really nearly do a background check on you. In our case, you can send a link to your prospective applicant anytime, anyplace and say hey, this is the criteria for our job acceptance. You need to have a bachelor's degree or a two year degree with this particular license or this particular skill set, two years experience and a true score of 300. Our score is from zero to 360 to reflect the 360 view of an individual. So, and a true score of 300, let's say, right Right up front, you're providing the criteria for hire and then they can go get it anytime. You don't have to wait for an offer.
Speaker 2:And then A it filters out the people that are not going to be qualified and the employers are not left with a hot potato. Filters out the people that are not going to be qualified and the employers are not left with a hot potato, which is the biggest thing, because they always walk on eggshells when it comes to adverse action, like, hey, this person had some really criminal issues. I can't. What do I do with this? You know how does that apply in this state. You know what are the regulations in this state, all of those things they have to worry about, because that's why the regulate a regulatory burden on employers is so heavy when it comes to background check, because it's fully regulated in our case. You can do it anytime, and then the individual can dispute hey, this is not me, this is definitely my dad. He went on a vacation and his DUI is showing up on my record. Okay, we will verify that. We have multiple sources of data. And then, if it all points out to the same thing, no, it's you, because, roomba, we look at your government issue ID and we verify your social, we verify your date of birth and we verify your seven years worth of address history.
Speaker 2:When you have those things verified, the chances of being a false positive are very, very low and when you get a report, you can be pretty assured that it is what it is going to be, because we have already vetted every which way we can think of and we have also mapped it, because we have a three-dimensional map of every data point that says type, recency and relevance. For example, some state says, hey, if you have a misdemeanor and if it's more than five years, you cannot consider that. We've already accommodated that because of the three-dimensional matrix. That's our secret sauce that we have. We have codified every penal code in the criminal justice system and we have mapped it to all of the states as well. That says, oh okay, this state, you cannot talk about this, not report about this particular infraction or misdemeanor.
Speaker 2:Felonies are always there. Most people have never banned felonies, but some of the infractions and misdemeanors some states said, hey, you got to ignore after five years, three years, petty theft, for example, right. So in the traditional model, when you get a full-fledged report from a third party background check company, the HR individual who is a recruiter they get the full report. Once you see it, you cannot unsee it, even though you cannot take that into consideration for this particular hire in this particular state. And with the remote work it's exasperated the problem for many employers as well. We take care of all of that and it's pretty fast. It's natively digital, natively verification of the identity with high assurance right, it's already done and then you just make the decision. It's given to them in a silver platter.
Speaker 1:And this is especially true.
Speaker 2:I don't know if you followed this news about North Korean. You know hires right. I'm sure you're on the front page of Wall Street Journal a couple of weeks ago and I said, holy cow, how they are doing that? Because there are server firm that are using it and lots of creditors were hired, infiltrated into companies.
Speaker 1:That is an unbelievable amount of. So do you envision your trust credential, or trust credentials, being as common and as essential as credit scores? I mean, what has to happen.
Speaker 2:That is the thing, in fact, what we are trying to. What you'll see, is we are creating something called a trust bureau. We have the technology, we have built it and we just sort of it's a different method of different way of delivery. Think of it, right. How do you today everybody for identity verification or any of those things? Either you go to a third party or you buy the systems, you install it in your premise, you collect PII and all of those things to verify and provide your mission. Guess what? That is the biggest honeypot for data breaches $46 billion according to IBM's report last year in data breaches. An average breach cost is $4.5 million. Think about the amount of money. And then, added to that, organizations are spending enormous amount of money in buying for compliance and also cyber insurance, because they don't know when they're going to get hacked. And if you have seen the cyber insurance cost, it has gone through the roof because of this issue.
Speaker 1:Yeah.
Speaker 2:So we are taking care of trust as a service right Trust Bureau. It's a service of my data. You just need to know that I'm over 21, for example, age right or I don't have a criminal record, or I don't have a misdemeanor or I don't have a bankruptcy. I don't have any means. That's all you need to know to provide the service and you don't need to have all of the data underlying that right. So if you can provide that high assurance way of delivering those things attributes without actual PII exposure, think about the reduction in data breaches. Our estimate we did some research. You know, if you eliminate PII exchange and proliferation for every little thing right, there is at least 70% to 80% reduction in data breaches. Amazing and more importantly yeah, that's a thing about that and more importantly, many of these things are repetitively done. How many times you have to give out your PII? Okay, you go to a gym membership or you go to this membership, you still have to give your social and data.
Speaker 1:It's sitting there.
Speaker 2:Multiple honeypots are sitting there. There, multiple honeypots are sitting there.
Speaker 1:So the next wave of fraud is AI powered. So I imagine that this level of control and ownership and visibility can also prevent potentially all this AI fraud and vishing.
Speaker 2:Because what we are finally doing is we are co-opting the consumer to be the guardians of their data as well. We're not just leaving it to them hey, good luck. No, it's a co-opting them. Hey, you be part of this journey. You be, because that is the only way to fundamentally solve this problem. There is no. People have tried, poured billions and billions of dollars in trying to solve this problem and nobody has ever thought of hey, how about not sharing the PII? But we can provide the necessary assurance. Ok, identity is verified right, as long as it's high assurance and you have a solid legal audit trail. That's all you care for. And then we have incorporated a little bit of biometric not necessarily biometric comparison to any big databases, biometric comparison to your own government issued ID. So when you have a valuable transaction going on, your face should be compared right away, because that's how you will avoid AI issues.
Speaker 2:I'm sure you've heard of agentic AI and all of those things. That is a disaster waiting to happen in this particular sphere, because you have no idea who that agentic AI is going to take over and start acting on your behalf. Oh, I have my AI agent doing everything. You just don't know, because I'm sure you saw this recently. Apple, I think it was Apple. Yeah, A couple of days ago, I got a lifelock alert that 16 billion login passwords were compromised Unbelievable, yeah. Okay, so you cannot trust anybody and you have to have ownership of that. You need to have agency of your own data.
Speaker 1:Love it, love your enthusiasm, it's so infectious, so somebody has to.
Speaker 2:Fundamentally, that's exactly what we are doing here, fundamentally shifting the paradigm, letting the consumer on board and then and say, ok, now, I mean, we have a big mortgage company as a customer, it's a good example, right. And they said, hey, big mortgage company as a customer, this is an example, right. And they said, hey, we don't want to pay for it. But what they do is they place mortgage processes in different companies. That means it's like a staffing agency for mortgage processes, right, and they go three months here for six months. So everybody's asking to do a background check on that.
Speaker 2:Think about that. You do it once. Oh, yep, it's already done and you reshare it. That is the power of this, right. And what we think about last year is it, yeah, 2024, I may be wrong by 2024, 23, 126 million background checks were done, 126 in the United States I'm talking just US at this point, right, and 30% or so, 32, 30, 35% or so were repeats. Why, how many times are you going to verify your degree? How many times are you going to verify your address? How many times you keep verifying your date of birth? You've already declared it once and you've verified it thoroughly every which way from Sunday, dr Anand Sharma.
Speaker 1:That's a great point.
Speaker 2:So get it once, reuse it for the rest of your life Brilliant.
Speaker 1:Yeah, and then it's continuous.
Speaker 2:It's continuous, that means it's not like it's static, right, we always look for okay, what are the variable things in this case? Right, your social data, birth, doesn't change. Your college degree, if you are verified, or professional license, they they don't change, except it's expiring or renewal and those kinds. We have flags for that, right. The only thing that changes is whether you committed a crime or not, or did you go into bankruptcy or not, did you evict? You know those kinds of stuff, what I call court records, right, which are usually public records. So those are the only things that we monitor and continuously update. We call it continuous screening.
Speaker 1:Interesting. I guess the other aspect that changes our regulations constantly evolving state regulations. Countries have all new AI governance rules and data sovereignty. How do you stay ahead of the compliance curve when it comes to all this stuff?
Speaker 2:So, yeah, so one of the things think of it right, Because we are letting the consumer in up front, the regulatory burden is drastically reduced. I've already had this conversation with CFPB in the past. Before we launched this, we briefed them and while they won't say, yeah, this is great, we'll endorse it, right, They'll never say that and you know, I really want to put the regulators out of business, especially when it comes to these kinds of stuff, because they have never, ever approached this. Okay, I got to fix this once and for all. Every time there's a new regulation, businesses find a workaround, right? That's what has been going on. Instead, literally, you know, shift the paradigm and say, hey, get the consumer involved. Why are you trying to protect the consumer when the consumer yes, that makes sense. When the consumer had no idea somebody was using your data, but now consumer is going to be part of it. Consumer is part of the journey.
Speaker 2:They have agency over the data, you can at least eliminate probably 2,000 pages of regulation in the CFPB manual. And we went to them and towards the end of the meeting some of the senior most lawyers were there and they said hey, you have an advocate at CFP for you guys, because what you guys are doing is putting the consumer up front. Yeah, it doesn't make sense. You know it has no monetary value for businesses up front. Oh, why am I doing that? I know I like to keep mining their data, right, but think about the consequence You're spending enormous amount of time and money on regulatory compliance.
Speaker 2:Enormous amount of time and money on regulatory compliance. Enormous amount of time and money on trying to protect your data store, which is basically your PII that you've collected right. And then enormous amount of time for insurance and money for insurance and other compliance issues. Think about all of that, because that is not your core business. Your business is hey, I want to let an actual individual into my site or individual into my platform to get the service whether it's childcare, home care, healthcare, whatever it is that day right. They are not in the business of making sure that you are who you say as long as that is done right. So basically they can outsource all of that to a trust bureau, right? Think about 40 years ago. Everybody was doing their own. You know the banks and everything for lending right? They will collect their own data and they're assembling it and figuring out and then whatnot.
Speaker 2:And then credit bureaus came along and said, hey, you don't need to do all of that. We have, we'll collect it, we'll do it. We'll assign a score and boom done, we'll collect it, we'll do it, we'll assign a score and boom done. It's exactly the same concept and you've perfected the issues that you have at credit bureaus. It's not a black box anymore. You have visibility into it, and ours is built on blockchain and tokenized. Everything is tokenized in there. Nobody can just leak it and take it right. And it's a blockchain ledger right, so immutable. Basically, nobody can change anything. And a ZK piece zero knowledge proof.
Speaker 1:Well, finally, we found the killer app for blockchain outside of crypto.
Speaker 2:So that, congratulations, yeah, I always said yep, that is exactly right, but we don't lead with it necessarily because we're not trying to get a blockchain uptake. Here. We are trying to solve a problem and then we are using some of these technologies to bolster and make it a Fort Knox.
Speaker 1:And speaking of technologies, what other technologies are on your radar? You've got Sam Altman scanning people's eyeballs around the world.
Speaker 2:Yeah, what's that world? Something right. World coin. World coin right.
Speaker 1:What other tech is on your radar?
Speaker 2:Yeah, it's going to be a rough ride for them in the United States because the US is always skeptical about some of those kinds of stuff, especially biometric right. It could be used for nefarious purposes. You know I've written many posts about that in the past. The issue with that is, you know, just because you have a face, you still need the other attributes to verify right, and so that could be good for certain applications where you know you want to make sure you know somebody who's authorized to be in a location. They can Right. But again, somebody has to collect, somebody has to do all of those things, and you know, yeah, you can put all of these little bots in every place to collect that and do all of those things, every place to collect that and do all of those things. It is, in my opinion it's a dangerous path, but I'm sure when the dust settles there is a sliver of an application for that.
Speaker 1:I just don't know what that is.
Speaker 2:Yeah, and for us, agency over your data, personal data is very important. That is something that I'm passionate about. That you know you need to have. At least you need to know where it is and at least you need to know who's using it, right?
Speaker 1:And so, obviously, the you know opportunity is immediately here in the US, north America, but globally there are hundreds of millions of people born without identity of any kind. You must have your eyes on you know.
Speaker 2:Asia. Yeah, so ultimately, yes, that's a great point. Right, so somebody has to verify that you were born in a certain place. Right, let's say a local hospital. Right, so that particular aspect, it's always still what I call analog, in the sense that you were born in this hospital. Somebody is issuing right, and if there's no national ID, somebody is issuing right. And if there's no national ID, let's say right, and how do you determine the individual right, unless you assign them right up front? Right, you can do all of that and that's the easy part. Right, then you verify and then, for example, there is a big move in this country to call mobile driver's license.
Speaker 2:There is a big move in this country to call mobile driver's license, mdls I'm sure you're familiar with that. Right, and states are notoriously slow and they're trying to literally make it come up with a digital version of the driver's license, and they're not trying to do this for a new one, they're trying to do it for an existing one. And I'm thinking why do you want to waste your money? Here's? Okay, they have an existing analog card. We can authenticate that every which way from Sunday, and then we put it in a little device.
Speaker 2:Today, it's an Apple wallet for us. Right, you can see it, you can use it. Then what else do you need? So that's a substitute for MDL. I haven't, you know, knocked on those doors yet, but the application is ginormous here. So everybody can have a mobile driver's license or a Truva ID, similar to a driver's license that is locked up in their digital wallet, and they can use it for a variety of purposes in the future similar to a driver's license that is locked up in their digital wallet, and they can use it for a variety of purposes in the future.
Speaker 1:Wow, so exciting. Where can people? You're in the DC area. Where can people meet you or the team this summer or the fall? What are you looking forward to event-wise or meetups or other speaking opportunities?
Speaker 2:I had to check our calendar. I know we were just at Unleash America or other speaking opportunities. I had to check our calendar. Right, I know we were just at Unleash America. They were at Marketplace Risk, and then you know there are 60 or 70 million gig workers in the United States approximately. It's increasing.
Speaker 2:Think about everybody having one of those things, because they keep giving out the information over and over to, okay, uber in the morning, lyft in the afternoon and DoorDash in the evening, right, they're all different companies or different outfits. They're all trying to verify you and you have to provide your information. Why, why? Think about the proliferation of the data. Everybody's got a honeypot now and you have to guard it, and that's why the breaches are just going through the roof. Every day you're hearing about a breach. I'm challenging AT&T. Recently I'm sure I wrote a post about that as well 80, 90 million PII was leaked. How did that happen? Why did you need social security number? Oh, credit check. You could have done that and then deleted the thing. You could have deleted it, right. Sometimes they do continuous credit check every so often, right, yeah, but you can get it and then delete it. They didn't, they want to keep it, and then they want to keep your.
Speaker 2:You know all of the attributes. They don't need that. As long as there is a quick path to verify, let's assume we have it. We have it locked up, blockchain, blah, blah, blah, all of those things. And the AT&T wants to verify initially, and then, six months down the road, they want to verify to make sure that they're still a good customer, paying customer. They can just do it. You don't need to keep it. So everybody's trying to keep it, hold on to it and then guard it with their life and spending enormous amount of money. It's distributed, so centralize it just like a credit bureau did it right. So nobody's doing your credit check and credit report and assembling your background, your financial capability. They just go to the credit report and get it.
Speaker 1:Such an important note. That's kind of a mic drop moment. So we're going to be watching your success and rooting for you and us. So congratulations on the vision and the mission onwards and upwards, raj, much appreciated.
Speaker 2:I really, yeah, I really appreciate it. As I said, I've been at it, we've I really appreciate it. We've got multiple patents on it. I think we have six issued and four pending. You have patents and books.
Speaker 1:I love your enthusiasm for this topic. Can't wait to check in, maybe end of the year, see where we are. Yeah, absolutely.
Speaker 2:I appreciate that. Thank you, thank you, evan.
Speaker 1:Everyone, thanks for sharing and check out our TV show at techimpacttv now on Fox Business and Bloomberg TV as well. Thanks everyone. Thanks, raj.