SpruceID Joins Harvard and Microsoft Researchers for New “Personhood Credential” Proposal

Last week, Wayne Chang (CEO of SpruceID) and a broad coalition of researchers from Harvard, Microsoft, MIT, the Decentralized Identity Foundation (DIF), and other organizations released a major new proposal for fighting online disinformation and fraud. The proposed solution is a digital credential that would give internet users a powerful new tool for proving their authenticity online, while also ensuring strong privacy.

Our new paper proposes a “personhood credential,” or PHC, based on much the same cryptography-based digital credential technology that powers SpruceID’s mobile driver’s licenses in California and elsewhere. Much like SpruceID’s mDL deployments, the PHC system would reveal only the minimum necessary information about any user: in this case, simply that they are a human, not a bot or AI agent. The PHC would not disclose any identifying information, and is also designed to prevent cookie-like traceability. 

The credential would be an optional tool, primarily for specific users who want to establish a high level of credibility online while protecting their privacy, and for service providers who want to reduce fraud.

Why We Need to Prove Personhood Online

One major goal of the PHC is to distinguish authentic content on social media from deepfakes, coordinated manipulation, and other automated activity. Worries about inauthentic content online have been high for close to a decade now, but the recent advent of generative AI models, including their ability to mimic specific individuals on video, has created an even higher-risk environment for disinformation [link to fake election content piece].

Proving authenticity on the internet is difficult for technical reasons, and no truly good solution has ever emerged. That’s one reason online financial fraud and identity fraud have steadily accelerated, now costing individuals and institutions tens of billions of dollars annually. The rise of AI generated content, meanwhile, has triggered worries of a “dead internet” full of robots talking endlessly to one another.

A digital credential to demonstrate personhood could combat both disinformation and fraud, mitigate against denial-of-service attacks using automated “botnets,” and empower individuals to prove their authenticity–even if they wish to remain anonymous.

Harnessing the Power of Encryption for Online Authentication

The proposed new PHC system is fundamentally user-controlled. Among other features, that means:

1. The PHC is optional for all users.

2. It cannot reveal real-world identities.

3. Users can choose their PHC issuer.

Optionality: While any natural person could request and receive a PHC, a PHC would not (and in fact could not) be required to use the internet. Specific high-security websites or online services, such as banking portals, may choose to require the PHC as an anti-fraud measure. More generally, we expect PHC use and adoption to be driven from the bottom up by users who wish to prove their authenticity.

Anonymity and Pseudonymity: Crucially, the system is designed to prove only that the holder is a person, without transmitting any specific data, such as name, credit card, birth date, or location. This is possible because issuers confirm an applicant’s authenticity offline, then issue an anonymized PHC credential.

The digital credentials themselves are validated and secured by encrypted signatures. Related techniques are used to ensure that even these signed credentials are “unlinkable” – that is, that a user’s online activity cannot be tracked or collated.If the user desires, however, the PHC could also be used to preserve a single user identity over time.

Issuer Choice: Personhood credentials are issued and signed by an open network of PHC issuers, with measures to prevent the issuing of multiple credentials to a single person. The open issuer network ensures no issuer is able to abuse their power, for instance by limiting the uses a PHC is put to, or selecting who is eligible to receive one.

The Open PHC Issuer Network

It may seem counterintuitive that a proof of personhood credential can be trusted to a totally open network of self-selected issuers. While there are challenges and tradeoffs, we and our research coalition believe such a system strikes a balance: preserving democratic openness, while harnessing market dynamics to elevate the most trustworthy PHC issuers.

The alternative, restricting issuance only to already “trusted” issuers, would both restrict public access to the PHC credential, and create a “single point of failure” for the broader system. Potential failure conditions for a restricted-issuer system would include compromise by external hacking or internal subversion, such as the use of DMV staff privileges to gain unauthorized data access. Even worse, though, is the potential emergence of a “ministry of information” under which issuers control how PHCs are used to validate online content. 

To prevent those outcomes, the PHC credential must be available from a variety of sources. Different issuers will have different standards and procedures for proving user authenticity. These could range from government-issued identity documents and an in-person interview, to versions of decentralized identity relying on digital proofs of interactions like shopping and messaging, documented using digital proofs that can’t be faked by artificial intelligence.

By the same token, services seeking to validate humanity would be free to choose which issuers’ credentials to accept, unleashing competitive dynamics that would motivate provision of PHC services tailored for a variety of applications and users. For instance, a bank might require a PHC issued by a government entity, while a social media site could accept a less rigorous PHC. 

One challenge of the open issuer network is the risk that multiple issuers would issue PHCs to the same natural human, potentially allowing those additional credentials to be misused. This risk is still being tackled by researchers, but the possibility of multiple issuance still represents a significant improvement from the current, unlimited ability of bad actors to impersonate humans online.

Above all, the open nature of PHC issuance would prevent the accrual of more power to governments, providing a free-market alternative to governmental “ministries of truth” exercising anti-democratic information control.

Proving Humanity and Protecting the Information Commons

The internet is reaching a crisis point thanks to the continuing rise of spam, fraudulent content, data leakage, and hacking. The adoption of the PHC credential would benefit the entire digital information and security ecosystem, not merely those who hold or accept the credential.

The PHC would immediately distinguish authentic online content and interactions from automated manipulation, improving the online experience for many users without their own PHC. That’s both because the most authentic content would be easy to spot, and because the very existence of this new form of verification would disincentivize the creation of misleading content.

The PHC would provide this benefit without adding more personal data to “data hoards” likely to be targeted by hackers. Indeed, it’s these very large-scale hacks, such as the recent theft of 3 billion records, including government ID numbers, that are rapidly rendering “knowledge based” security measures obsolete, and better approaches necessary. In this compromised environment, adding the PHC as an access control tool for sensitive online applications would have a substantial impact on hacking and fraud.

For now, the personhood credential is a general proposal, with much work remaining both in designing the overall system and creating specific technical implementations. That means its benefits are still some time in the future, but the online fraud and disinformation it aims to address isn’t going anywhere – if anything, the situation seems poised to get worse. 

SpruceID is proud to have a hand in this major new proposal, and we’ll be contributing our expertise in identity, privacy and encryption to help bring it to fruition. If you see potential for the PHC to strengthen your organization’s digital efforts, please reach out – we’d be excited to learn about your needs, and help you prepare for a more authentic online future.

About SpruceID: SpruceID is building a future where users control their identity and data across all digital interactions. Learn more on our website.