African Cancelable Biometric ID

A cancelable biometric identification system that never saves true biometric data and safeguards personal information.

As an internationally trained computer science PhD living in Kenya, I have read about and witnessed myriad egregious issues that can be solved by technology. As a global citizen I have paid attention to news stories that help me see that issues I've observed in Kenya are not confined to this country. There exists a similar set of issues around identity, treatment of women, education, and access in all previously/currently colonized countries and territories.

The world is in a constantly evolving state and we are heading toward what Ray Kurzweil describes as the singularity. To his point technology is becoming ubiquitous as Kenya now experiences 100% cell phone adoption. Which means everyone in the nation has learned the utility of these tech devices.

Due to the rapid improvements in such devices Kenya will soon have 100% smart phone adoption. Such a situation can be used to the advantage of those who historically have less education, opportunity, and exposure in order to allow them an identity they access by way of these devices.

Unlike several solutions that tie personal information to a single device for safe-keeping, it seems requisite that the cloud and immutable ledger technology be used alongside cancelable biometric technology. By combining these technologies with open technologies and appropriate software engineering methods we have created an MVP of what we believe can be an amazingly simple, but expressive identity solution initially most useful in currently/previously colonized countries and easily usable by anyone in the world.

State of the art cancelable biometric technology is being used  in conjunction with a distributed immutable ledger.

The amalgamation of these technologies will help powerfully toward the promise of biometrics, which is being able to access all of ones important information and locations without having to carry around special certificates. The amalgamation of these technologies is also innovative.

The cancelable biometric technique to be investigated is Index of Max hashing, a technique developed and tested for fingerprint. Another innovation is modifying this technique so that it works well for modalities beyond fingerprint.

This solution demonstrates `privacy by design` by making sure to never send true biometric images or vectors/matrices over the network.  The system is also designed to allow each person registered to decide what personal information of theirs to share. The system is also designed to send one a notification when someone requests their information.

Our solution is designed with using a web3 technology stack. We use the Java Spring framework, Angular, CrateDB, Hyperledger fabric on google cloud, and Swagger APIs. The Swagger APIs expose functionality through the HTTP protocol while allowing for authenticated communication.  In countries currently/previously colonized our solution can be incorporated easily using API calls. Because we are using Hyperledger Fabric for data/permissions tracking, any of the aforementioned countries can setup a node and replicate the network.

Our system is designed to be inclusive and included. Inclusive as in it will create and digitally sign version of government issued ID. Included as in it can be queried and will confirm some questions automatically and others after the person being queried gives their consent.

Our solution is designed modularly, and if/when government(s) want to use it as a source of truth for citizen information, they will be able to request official registration keys and given access to APIs that allow them to use the registration process and allow querying.

Open APIs are provided. All technologies used for implementation are available for anyone to use (most free to use). The techniques being used are in publications and the techniques/processes being developed that are unique will also be published. CrateDB and Hyperledger nodes are used so that information is permanently locked into the Google Cloud service databases. CrateDB is a cloud database outside of Google Cloud that will be used be backup information. Hyperledger fabric nodes will exist inside and outside of Google cloud. Hyperledger fabric is an open source project.

Our system will have functionality that allows one to speak to system, in their own language, and begin a highlighted tutorial that can also speak directions in a national language. Concerning low connectivity the system will have a queue of operations that require the network to complete and when there’s no connectivity it will allow normal operation and viewing of recently viewed information then will inform the user, by way of notification window and audible message that certain operations can not be performed until their device has network access.

To take the solution beyond the MVP stage and make it palatable to highest number of people and governments requires two approaches: getting the cancelable biometric techniques certified by the appropriate governing bodies, and connecting the AC-BioID to a killer application (something to do with payments and remittances like Mpesa). Also I would hire a few other software engineers and a UX professional to implement and properly test the solution.

None at the moment.

I've recently started a company in Kenya and have been making connections to other startups and established companies that handle payments and remittances. My partner is a young Kenyan software engineer and a Young African Leadership Initiative alumnus with active connections to significant decision makers in multiple African countries and access to the network provided by the US Department of State International Exchange Alumni community. Both of us are very active in Nairobi's tech space. The connections we already have and are establishing will allow us to succeed in the development of our solution.

Transactional revenue sharing once we begin partnering with a payment/remittance firms.

To get money to fund further development of our solution, is the reason we are applying. We believe the challenge can advance our work by further legitimizing our ideas by a body with intimate knowledge of the problems and existing solutions.

Financing to allow us to focus on the development of the solution beyond the MVP stage, and getting a partner application on board that can use our ID system as a basis for logging into their services.