We talk a lot about digital identity on The Decentralists. What is Identity? What makes Identity self-sovereign? Why is decentralized identity better than centralized like that offered by Single Sign-On?
This week we talk about another important risk of centralized identity, the linking of personally identifiable data (PII).
To put this important issue in context we have a couple of interesting examples in the news just this week Brian Barrett from WIRED reported on new dangers resulting from a breach of up to 100 Million user records at T-Mobile. Kim Lyons from The Verge reported that Tinder is going to start offering Identity verification to all it’s users.
These two reports may not appear to be similar, but Henry, Mike and Geoff do their best to explain .
We talk a lot about digital identity on The Decentralists. What is Identity? What makes Identity self-sovereign? Why is decentralized identity better than centralized like that offered by Single Sign-On?
This week we talk about another important risk of centralized identity, the linking of personally identifiable data (PII).
To put this important issue in context we have a couple of interesting examples in the news just this week Brian Barrett from WIRED reported on new dangers resulting from a breach of up to 100 Million user records at T-Mobile. Kim Lyons from The Verge reported that Tinder is going to start offering Identity verification to all it’s users.
These two reports may not appear to be similar, but Henry, Mike and Geoff do their best to explain .
Henry : Hey everyone. It's Henry, Mike, and Geoff of The Decentralists and we've got another hot topic, Identity is a Ticking Time Bomb. You see, we talk a lot about digital identity on The Decentralists. What is identity? What makes identity self-sovereign? Why is decentralized identity better than centralized, like those offered by single sign-on? This week, we talk about another important risk of centralized identity, the linking of personally identifiable data, also known as PII. To put this important issue into context, I'm going to mention a couple of interesting examples that just happened this week in the news. Number one, Brian Barrett from Wired reported on the new dangers resulting from a breach of up to 100 million user records at T-Mobile. Can you believe that? Secondly, Kim Lyons from the Verge reported that Tinder is going to start offering identity verification to its users. These two reports certainly don't appear similar to me, but we're going to do our best to explain how they are and why you should be worried about your digital identity. Mike, Geoff, can you refresh our minds on what we mean by linking identifiers?
Geoff : I can take that if you want Henry. It has to do with what are known as primary keys, putting on a bit of a geeky database hat for a minute. Let's say that I have a bunch of data about you, including your phone number, but I don't have your address. In another database, I have an address with a phone number, but I don't have a name. I can key those two together based on that phone number. Now I have a complete data record for you. If I have another data set with your phone number that has your height, weight, and shoe size, then I can add that to the mix as well. Once you have all of these disparate databases with your identity in them, with bits and pieces of your identity scattered all over the place. If I have a key, then I can start linking those different data sets together and build a richer profile of you. That is the danger here. Whether it is your phone number, whether it is your IMEI, which is the unique identifier stamped into your handset that lives with it forever, whether it's your social security number or social insurance number, whether it's your driver's license number, these are all pieces of data that can be used as primary keys to link all these disparate data sets together.
Henry : We log into dozens, if not hundreds of services and websites over the period of a week and all the information we put up there, if someone were to collate that they'd have just about everything about me.
Mike : So the first thing I want to clarify, just to give T-Mobile a bit of a break, it was only 48 million records.
Henry : That’s more than the population of Canada.
Mike : I do want to add a couple of other little flavors to this. The first thing is, and this is just the lunacy of this data breach, they estimate that 40 million of those 48 million records are not T-mobile customers.
Henry : What?
Mike : Seriously. For a while, I guess, or maybe they still do, they had a T-Mobile MasterCard. Like these white-labeled credit cards. They took applications from a whole bunch of people that they never ever approved. The data that you give your mobile company when you sign up for a new phone is bad, but it's not as much as you give a bank, who's giving a credit card. Then they also had a bunch of people who had signed up for services, used to be T-Mobile customers, or had bought a prepaid SIM or something like that. They had all their data too. It’s lunacy why you would have data on somebody that's not a customer. It's lunacy. What I found the most about this article was that a lot of people, when they talk about data breaches and they seem to happen every week, which should literally scare the crap out of all of us. But instead, I think we're all just numb. But these breaches happen every week, and a lot of the focus is on things like identity theft and all of these types of things. But with Geoff's previous comment, what you basically have in these breaches, and this is what Brian pointed out about… What I liked about his view in this article is the data that was being breached and up for sale on the dark web was way more invasive because of all of the linked data that Geoff just talked about. People don't generally talk about that. He said one of the problems with this is there's something like 20 million records that have a name, an address, a credit card number, and a pin number. Let's face it, anybody here put up your hands if you've used the same pin number on your bank card, as you use any other place where at like your new SIM.
Henry : So 500,000 people have done that at least.
Mike : It's probably 20 million or something, but the point is that now you have a pin number which is another crazy identifier now all of a sudden, to Geoff's point, if in some other database, some hacker stole a master card number, with a phone number and they can now attach that to this T-Mobile account, they now have the pin to your MasterCard. They also have these IMEIs. I'm a T-Mobile customer, I have an iPhone, I go out and I decide to switch to Verizon. Because T-Mobile has my IMEI number that means that even if I'm on Verizon using the same handset, these guys can spoof that handset and use it to do SMS-based phishing attacks or hijack your account, or do any of these things. It's all of these extra little subtle things. When you sit there and you're like ‘Okay, wait a second. Henry, if I had your name, date of birth, address, telephone number, IM EI, credit card, pin number, how hard is it for me to impersonate you?
Henry : What you're talking about is, let's say on the dark web, these essentially criminals, these hackers, all they have to do is buy six databases that have been hacked and then spend a month collating them and they have everything on everybody.
Mike : This is the point. It's the dark web. That data is for sale. That's the whole point. Let’s put in another little subtle thing. Typically the most prescient example of all of this data being aggregated and used in a visible way against you is social media. Zuckerberg is just like a hacker on the light web instead of the dark web. What's the difference? If I'm a hacker and I go out or I'm just a regular human being with nothing more to do but I'm a computer guy. I go to the dark web and I buy the last five data breaches. I buy the 500 million Facebook records that were out about a month ago. I buy the 48 million T-Mobile ones et cetera. I use an algorithm to roll in and analyze this stuff and link it all together. I can replicate what Zuckerberg has. It's the same thing.
Henry : Wow. I understand the severity and what's happening here with T-Mobile, but Geoff, why is Tinder offering to validate their users’ identity? Tinder is a dating app, if I'm not mistaken, what's this all about?
Geoff : It has to do with the fact that when you are dating people if you're serious about wanting a relationship, which is not the case with everybody on Tinder, some people on Tinder want a relationship that lasts four hours or less between consenting adults, that's perfectly fine. Some people who are looking for a relationship and are putting a lot of energy into this, say they want to ensure that if they spend two hours chatting with somebody online who says that he's a 35-year-old guy who works as an accountant in downtown Vancouver, isn't actually some 60 year old George Costanza. I'm afraid we're dating ourselves with our younger listeners with that reference, Henry. He isn’t some older dude in some basement in the Ukraine who's just playing that Lonely Hearts. Tinder wants to say, if you're going to put your energy into our site and look for love and look for someone to spend the rest of your life with you can trust us that all these people that we are presenting to you are who they say they are and are the age that they say they are, and so on.
Henry : How would they do it?
Geoff : We can joke about George Costanza, but I might add that it can go in the other direction. As a male, I'm constantly bombarded by all of this spam from all of these allegedly pretty women that are…
Henry : They want to meet you, Geoff.
Geoff : …special friends. It's just a lot of time, energy, and nonsense. This is the root of all of this validation of users’ identity is to say ‘Hey, if you click on Steve or you click on Jane they are who they say they are.
Mike : Let's face it. What Tinder's also saying by this is they've created a platform where there are no curbs on fake accounts, there is nothing stopping somebody from saying they're single when they're married or saying that they're 35 when they're 55, or there's nothing stopping that a ball thought from using a photo and creating a personality to lure these lonely hearts. By doing this, they're turning it around and trying to make it seem like it's the user's fault that all of these fake accounts exist.
Geoff : Yes. The problem with this is basically saying, give us all this PII so that people that are looking for love can trust that profiles are who they say they are.
Henry : PII is?
Geoff : Personally Identifiable Information.
Henry : Thank you for that.
Geoff : It gives us all your private data so that if you create a profile, the people looking at it can feel comfortable that you are who you say you are. If the people looking at these profiles would just apply 10 seconds of common sense then this problem would go away. If some guy is George Costanza at age 60 and he's getting messaged by a 22-year-old college girl saying ‘Hey, I'm looking for love.’ It's tragic and I'm sorry to say this but it's 99.9% the case that this is fake. If the user base applied a little common sense navigating these sites, then I don't think Tinder and others would feel the pressure or to create, or to require the release of all of this PII. On top of that, if you do create a fake account and then you go out and actually meet this person and you are 60 year old George Castanza, not some 35-year-old architect, well, you've just gone and wasted your, and everybody else's time. What problem are they trying to solve here? I guess is the question.
Henry : Mike, tell me how are they planning to validate identity?
Mike : This is the meat of this story. To me, when you look at PII, personally identifiable information, think of dating sites, anybody who's listening, if you're on a dating app or have ever used one, Think of what data you put into a dating app versus the data you put into say Uber. It’s bad enough that there are databases of things like name, email, credit card. You give these dating sites your favorite color, your birthday, they have a record of what kind of people you click on. Do you like blondes or brunettes, male or female? Things like this. They know when you go on dates, they know where you go on dates.
Henry : And their sexual preferences.
Mike : They know everything. You're giving even more closely personal PII. Now what the dating apps problem is is that they've got people who are, let's say legitimate users and are having these experiences that Geoff describes with George Costanza. They're saying ‘What are you going to do about it Tinder? So what Tinder's been doing since about 2019 in Japan, they've been piloting this validation. What they will literally do, and I'm not kidding, is if you're on Tinder and somebody says I'll only go out with you if you validate, you need to take a digital copy of your driver's license and/or your passport and you send it to Tinder and Tinder will match it up against your profile, check the birth dates and all that stuff. And give you a checkmark that says that you've your identity has been validated. This is a dating site. Are you out of your mind? You're going to give them your passport and your driver's license?
Henry : Are people actually doing this?
Mike : Apparently they have been. What would your choice be Henry? If you’re George Costanza and you believe that the 20-year-old girl who's looking for love is actually a 20-year-old girl looking for love. And she says I want to know that you're validated before I date you. What are you going to do?
Henry : Dating apps, isn't most of the information that people put in either a very perfect version of them or not even accurate at all? How can you believe if someone's going to validate something that isn't even real?
Mike : This is the other point. Let's say you go ahead and do this. Let's say you're fine. You've given up everything. Everybody knows you like pistachio ice cream and long walks on the beach. Now you've gone out and you've added your passport or your driver's license, two of the most important identifiers. My passport's locked up in a little box. You've just given that up to a dating site to potentially hook up and what does it actually tell the other person? What problem does it solve? The only thing it does potentially is validate the age of that person. That's it?
Henry : Well, maybe the picture, sort of?
Mike : But who knows? Passports are 10 years old now. The idea is now you know that I am actually 35 or 45 or 55. Does that tell you that I'm actually a married guy and pretending I'm single? Does it tell you that I have a criminal record? Does it tell you that I said I'm a 35-year-old architect? That I'm a 35-year-old janitor? It doesn't tell you anything about me.
Geoff : One thing I would argue that it does is it perhaps purges some of the scammers from the site. If I am going to turn around and ask for money or Hey honey, send me your credit card number and I'll send you some pictures or any of these things. Likely if there's a connect-the-dots path to criminality it might scare them away a little bit.
Henry : That's a good point.
Geoff : But again, if people on these sites, particularly men, weren't idiots then that wouldn't be necessary. Because when my inbox fills with this barrage of nonsense from Paulina and all these people, I just pressed delete because I live in reality and I know how the world actually works. Two parts of this, first of all, part one might be just a little bit of education of the users to how to spot when you're, I'm sorry you're lonely, but you're being scammed. Second of all a little bit of thought to these out algorithms, which would say ‘Hey, this profile doesn't appear legitimate.’ And this person is targeting all of these people in a peculiar way outside of the demographic. Compare that with a young woman at college who's messaging, young men at college that happened to be studying in the same faculty, doing this anonymously, of course without asking for real names or whatever, but you can say that's legit. They could approach it in a less brute force fashion if they were to choose. But they also don't want the bad press of people saying I logged onto Tinder and I fell in love with this girl, and it turns out she was a scammer in Russia. They're trying to play all these games.
Henry : Would you say that dating apps are more dangerous when it comes to our identity or sharing private information than other types of services that we use?
Geoff : They are if we get into what we were talking about earlier about linking identifiers. If, for example, I had uploaded this information into a dating app and it was breached and then that data was linked to a breach in a ride-hailing app. Now the system has my address and shade of character can come and bang on the door of a woman and, and that sort of thing. I think that's certainly where part of that risk lies is in linking of identifiers between these disparate databases during breaches.
Henry : Of course you're going to be giving a dating app things like the fact that you may be homosexual. Of course, there are other jurisdictions and countries where that is a crime.
Mike : Absolutely.
Henry : I answered my own question there. We are The Decentralists. How would a decentralized identity help break the link between our identity and our access to online services, like dating?
Mike : I'll give you a really easy way to think about it. The problem with the identity and access in things like Tinder and stuff is that in order to create your identity and then all of these links that go to it, you use Tinder's login system. Tinder says you need to have a username and a password. That's the first step. You enter a username and a password, and then you enter all that personal data in their environment. It's that username and password thing that is the first and easiest link that they can use to pin all this data together when they have all this disparate information. Think of WhatsApp, it's your phone number. That's the first link. So these usernames and passwords, email address and password, whatever it is, is the first link through. That is the common thread. Somebody had a database that had your phone number, but that phone number was attached to some encrypted certificate, it wasn't your email. It was no way that that particular database could link to you as a person. Then another database had the phone number and the credit card, they still couldn't link it to who it was. If you were the one that was initiating the connection to these services and then you were deciding I will Tinder my driver's license or whatever to validate. And they'll have that if they validate my age and then they should be deleting that data, but it doesn't have to be associated with me. That's the problem. All of these services have been built around a certain identifier that is easily linked to a real human being, a telephone number, an email address. Those are the two identifiers that most of us have been carrying for multiple years. My phone number's been the same for at least 10 or 15 years. My email’s been the same since 2004. Any database that has those two pieces of information in it can now be linked all over to each other. If either of those two things existed, if I had some other way to say here's how you email me, or here's how you call me, then none of that stuff would be as big of a problem as it is today.
Henry : Understood.
Geoff : I'll add to that. Having the ability to break that link at any time; so being able to just snap that like a twig, and now that that connection no longer exists.
Henry : What do you mean by snap it like a twig? How, how can that be?
Geoff : Well, right now, if you have a connection via your phone number, you cannot… You can throw away your phone number, but it's terribly inconvenient.
Henry : It is.
Geoff : But if you have a connection between your Manyone digital ID and something else, then the very nature of that Manyone connection, it's designed so that you can build out your network but also disconnect your network quickly and easily if you choose to do so. That is that decentralized digital identifier that's available to you for that purpose.
Henry : Makes a lot of sense. Well, thank you very much, gentlemen. I never thought I'd actually be hosting a podcast regarding Tinder and identity but stranger things have happened.
Mike : And they probably will continue.
Henry : They certainly will. Thank you very much, Mike. And thank you very much, Geoff.
Geoff : Thank you, gentlemen. Have a good day.
Mike : Thank you, gentlemen.