Personhood credentials are intended to prove a person’s identity is that of a a real person, without revealing any further information about the person’s identity. They rely on the fact that AI systems still cannot bypass state-of-the-art cryptographic systems or pass as people in the offline, real world.
We’ve all worked our way through those “CAPTCHA” quizzes that involve clicking on panels with views of traffic lights or bicycles to prove to a website that we have a trace of humanity. But in the age of artificial intelligence, clicking on a picture of a streetlight may not be enough.
“We’re not far from a future where, if things remain unchecked, we’re going to be essentially unable to tell apart interactions that we have online with other humans or some kind of bots,” Emilio Ferrara, a professor of computer science at the University of Southern California, is quoted as saying in a report in MIT Technology Review. “We can’t be naïve as previous generations were with technologies.”
See also: KYP is the new KYC: How Healthcare Organizations Can Address Medical Identity Fraud
To get ahead of the AI identity crisis, a team of researchers from MIT, OpenAI, Microsoft, and others propose a new AI-proof approach to human verification: “personhood credentials.” With AI getting better at mimicking human behavior, “it’s becoming increasingly difficult to distinguish between real human internet users and sophisticated systems imitating them,” notes Stephanie Arnett in the MIT Technology Review report. In the process, of course, it breaks down the fragile trust foundation that makes the internet tick.
Personhood credentials are “intended to “prove that their holder is a real person, without revealing any further information about the person’s identity.” They “rely on the fact that AI systems still cannot bypass state-of-the-art cryptographic systems or pass as people in the offline, real world,” Arnett explains.
The catch is there is an up-front verification process that gets much more involved than identifying street lights on set of panels. The process more closely resembles the pre-check protocols of the Transportation Security Administration.
To get started, “people would have to physically go to one of a number of issuers, like a government or some other kind of trusted organization. They would be asked to provide evidence of being a real human, such as a passport or biometric data. Once approved, they’d receive a single credential to store on their devices the way it’s currently possible to store credit and debit cards in smartphones’ wallet apps.”
At this point, the greatest challenge “is getting enough platforms, digital services, and governments to adopt them, since they may feel uncomfortable conforming to a standard they don’t control,” Arnett pointed out. “For this to work effectively, it would have to be something which is universally adopted.”