Central Bank Digital Currencies (CBDCs) rely on a completely digital representation of value that people can exchange for goods and services. It would be challenging to deliver a completely digital currency solution without a tightly integrated digital identity solution. The security of the money supply and the international valuation of that digital currency will be scrutinized by how participants own their funds and approve any transactions.
If the first great CBDC challenge is not orphaning the unbanked from participating in the economy, then the second is to roll out a national digital identity framework that ties it all together. Not only do you need to make the digital currency easy to obtain and use for unbanked and underbanked citizens, but you also need to bring a trusted digital identity to all participants in the economy.
The integrity of a digital currency can only be assured by having a verifiable identity for its participants. I will state this once here, but I will likely repeat myself on this point over future episodes in this series:
If there is even the remotest plausibility of denying that a transaction made using my digital currency was not made by me – then the CBDC is a failure.
This one principle must hold true regardless of the design choices and deployment models used for a given CBDC.. If participants can arbitrarily deny they made the transactions that occurred in their wallet, the digital currency no longer has any value in any marketplace.
The combination of CBDC and Digital Identity defines the next level of capabilities that need to be incorporated into the modern payments ecosystem of a central bank. The industry will bring this as a value-add to the economy through the augmented payment data points that devices such as smartphones or the ‘internet of things’ (IoT) can bring to bear for this solution.
CBDC ecosystems will need to embrace and extend the factors described by Payment Services Directive 2’s (PSD2) Strong Customer Authentication (SCA) along with PCI’s Multi-factor Authentication (MFA) capabilities. These will be integrated with a digital identity solution that will secure and enable perpetual KYC throughout the transaction framework. Wherever and whenever possible, additional data factors such as geolocation data, cellular triangulation, Wi-Fi endpoints, IoT, NFC, RFID, Bluetooth, and any other detectable information that a card, smartphone, fob or other devices can access, will improve the integrity of the transaction.
To be clear, we aren’t speaking about just any digital identity. The traditional organizational identity may be one route for governments to digitally document their citizens, but this would create a whole new mechanism amongst a variety of existing mechanisms that are already in place. Leveraging a third-party identity provider is also likely not to be very helpful. Governments should look at how they can provide an identity solution that delivers self-sovereign identity (SSI) capabilities for citizens that can then be augmented with the documentation mechanisms that already exist for birth certificates, work permits, driving licenses, health cards, etc. This way citizens can create a multifaceted identity tool that is embedded and integrated with their digital wallet. Once established, the digitally signed government provisioned credentials mentioned above can be incorporated and verified along with third-party credentials. When the wallet holder goes to make a transaction, a peer-to-peer identity connection is made so that the wallet holder can verify the credibility of the business and the business can verify the credibility of the individual. This would use four main factors:
- Who (or what) is the issuer
- To whom (or what) it was issued
- Has it been altered since it was issued?
- Has it been revoked by the issuer?
An SSI will also allow wallet owners to carry self-signed credentials such as preferences, opinions, legally binding consents, or other attestations that they have made about anything. The wallet owner has sole ownership and control over what is included or excluded from their wallet and also has direct control over what is shared in any given transaction.
When you combine digital currency with Self-Sovereign Identity and authoritatively signed credentials and then incorporate transactional data from the transactional devices, locations and surrounding devices, the integrity and legitimacy of a transaction increase significantly. None of the device and location data needs to be public - it can all be encrypted but it adds to the overall confidence scoring of the transaction between the two parties. If the confidence score falls too low, then the parties would be able to refuse the transaction.