257 Audio.mp3: Audio automatically transcribed by Sonix

257 Audio.mp3: this mp3 audio file was automatically transcribed by Sonix with the best speech-to-text algorithms. This transcript may contain errors.

Ankur:

What an AI agent might need to do is to go and carry out that authentication. So when you talk about digital identity, it breaks down to questions of like who am I? What am I allowed to do? So what is what the login with Google question, or entering a username and a password? What that is doing is it's answering at a very basic level who am I? I don't think any of these companies necessarily want to run it as a centralized service, because A there's a lot of content billions, billions of images and videos and so on but if they become the centralized registry of what is AI generated or what is not AI generated, that then becomes a very big political challenge in terms of content moderation.

Craig:

Build the future of multi-agent software with agency. That's A-G-N-T-C-Y. The. Agency is an open source collective building the internet of agents. It's a collaborative layer where agents can discover, connect and work across frameworks. For developers, this means standardized agent discovery tools, seamless protocols for interagent communication and modular components to compose and scale multi-agent workflows Join Crew, ai, langchain, llama, index, browserbase, cisco and dozens more. The agency is dropping code specs and services, no strings attached. Build with other engineers who care about high-quality multi-agent software. Visit agencyorg and add your support. That's A-G-N-T-C-YO-R-G agencyorg and support the project. Let's start by having you introduce yourself. Tell us a little bit about your background educational and professional background, as far as it's relevant to what we're talking about.

Craig:

And then tell me how you got to Checked and what you guys are doing in the larger context.

Ankur:

Absolutely so. Hi, my name is Ankur Banerjee. I'm the CTO and co-founder at Checked, which is a decentralized identity company. I'll go into a second to explain what decentralized identity is, but we are a fairly small startup. We started about four years ago, in 2021.

Ankur:

And the reason why we wanted to go and tackle some of these problems that we see cropping up in the online space around digital identity is because both me and my co-founders have had a background in working on digital identity and fraud within for governments, for banks, for enterprises, large enterprises in healthcare and education, and at the time, we'd sort of been working since around 2017, 2018, on how this could be moved to a new form of identity where people are at the center and in control, and we wanted to solve some of the challenges that we saw cropping up within the decentralized identity space.

Ankur:

I also happen to have a background in working in AI and NLP before I got into digital identity, which relates to a lot of the recent advancements and developments that have been happening, and I've got a couple of patterns in that space myself, having worked, for example, on one of the world's first spoken chatbots in spoken Arabic. So yeah, like you know, it's been a bit of a full circle. Coming back to looking at some of the challenges that are cropping up in the AI and machine learning space, having spent a couple of years in the digital identity space, yeah Well, my interest was initially piqued by this issue.

Craig:

You know, I did an article on MANAS, the multi-agent system out of China, and a lot of people I don't have access but have had access online and it's amazing. It does amazing things. But you send it out into the digital world or onto the Internet and it very quickly runs into roadblocks or onto the internet and it very quickly runs into roadblocks and the human has to intervene to get them past those things like CAPTCHA. And it occurs to me that everyone's talking about what Microsoft calls societies of agents. That will eventually be kind of a base layer to the economy, taking care of a lot of the less creative work or bureaucracy that needs to be done. And there's going to have to be a paradigm change in the way the internet is. Guardrails are set up to allow agents to do that. Was that at all part of your initial motivation or is there a broader issue that I'm not seeing?

Ankur:

I think that was partly the motivation. How does identity get solved for agents? Because, if there's one way I can put it, a lot of the AI agents right now are like naive children. They would essentially go and believe everything that they say, because there's not a lot of intelligence. And where I think it becomes quite interesting is I think there's a couple of different facets to where this identity aspect comes in. The first is you as an individual.

Ankur:

When you go and ask an agent to go do something on your behalf let's say make a travel booking or go and book a restaurant reservation on your behalf it might need to prove that it's been given that task by a real human being and that it has permissions for a specific time and duration. And what I mean by that is obviously these services are also trying to keep out the bad actors who are running bots or AI to perhaps make those same travel bookings. Or the most famous example of this is Ticketmaster, when they're trying to prevent bots which are being run by scalpers from getting all of the Taylor Swift tickets. So big, big Taylor Swift fan myself. And if I wanted to delegate the task to an agent to say when the tickets go on sale at, say, midnight. I don't want to be awake myself. I want to delegate the task of getting those tickets to an AI agent. Prove that it's acting on behalf of a real fan with certain real listening history to Taylor Swift on Spotify and let that through, but don't let the other bots through. And then, secondly, how do you prove, how does the AI agent prove, that it has been given the permission by me to buy tickets for this specific concert or this specific artist, but not to go on a spending spree and book 50 different concerts? So I think that is increasingly going to become a challenge when services start interacting with agents.

Ankur:

The second piece of this is agent-to-agent trust. Perhaps my agent needs to talk to an AI agent that is specialized in the process of ticket buying, maybe because it doesn't know how to do the specific task of ticket buying itself. So how does the AI agent perhaps understand that, in this entire universe of different sites and services that it's coming across, what is a trustworthy agent and what's just the equivalent of a scalper that it shouldn't talk to, equivalent of a scalper that it shouldn't talk to? And so, even when you start looking at the idea of agent to agent trust of whom they, which other agent do they go and trust and which piece of content do they go and trust? It becomes increasingly beyond just the simple problem of do you prove you're human online or do you prove you're an agent. So it's a lot more multifaceted and not just binary.

Craig:

Yeah, and how then do you solve that problem? I mean, it seems on the one hand, a problem on the agent provider side that the agent needs to be able to provide a verified identity, but it's also a problem on the service provider side that they have to make their site available for whatever protocol you guys, or whoever it is, comes up with. So it's a little bit of a chicken and an egg, but how do you solve that?

Ankur:

I think I'll explain the way that people are currently solving it, which is you essentially do the same thing that you do when you click login with Google or login with Facebook. So you would give ChatGPT or any other formal sort of agent, like Manos, for example, just unfettered access to some service, and that's how people are currently solving it. Where we sort of got into this space is we originally started off building enterprise level tools for how does human identity get solved? So, for example, how can people have a trustworthy, tamper-proof digital copy of all of the data that belongs to their life and then have the ability to go and delegate it as well? So there's a lot of governments around the world that are currently right now trialing or in the early stages of deploying some of these digital identity systems, which also have baked in the capability of delegation. And the reason why the government's thought of it initially is there's very common scenarios where a parent might be acting as the guardian or the delegate on behalf of their child, or a person could be acting on behalf of somebody they care for who's older or perhaps less able to carry out actions online.

Ankur:

So initially we'd started off solving around how does digital identity and decentralized identity work for humans and because within those contexts, when we'd been working with large enterprises and governments, they'd already been thinking of those challenges and problems of how does permissions and delegations work across different humans. When this sort of AI agent revolution started off, it was like that's an obvious answer to the problem in a completely different space, and we were early, I think, to recognize that and start applying the same techniques to the EU Digital ID Wallet Initiative, which is built on those exact same industry standards. I mean, I work as a CTO at Checked, but I'm also on the steering committee for something called the Decentralized Identity Foundation, which has loads of large companies that participate and set the specifications on how do these digital identity standards work, and it's an easy sort of step to take. To say, like the kind of robust commissioning, which is a lot more granular than what's been possible with login with Facebook or login with Google, can now be applied in a completely different context where similar sort of challenges are present.

Craig:

Yeah, and just as you were talking, I'm thinking. I mean, not all sites are protected by CAPTCHA or the equivalent. I don't know if that's the only system. A lot of places use two-factor identification and you could give an agent access to your phone messages here, for example, and just have them receive the code and input the code. Is that one way to do this?

Ankur:

It's part of the picture of doing this. Yes, because what an AI agent might need to do is to go and carry out that authentication. So when you talk about digital identity, it breaks down to questions of like who am I, what am I allowed to do? What the login with Google question? Or entering a username and a password? What that is doing is it's answering at a very basic level who am I, what I'm allowed to do is authorization, and that is I am allowed to read emails. Once I log in with this, I'm allowed to carry out a bank transaction.

Ankur:

The kind of technology that we work on for decentralized identity goes a bit beyond those two questions.

Ankur:

It is part of the journey, but it also helps to go and answer beyond the question of who am I and what am I allowed to do, which a lot of the current systems are quite capable of solving. It goes to then answer what are my preferences, what is my history of interacting with a particular service, and having a full digital copy of that, which also actually comes into when you go and delegate an agent to act on your behalf. Let's say you've asked it to go and make a travel booking on your behalf. Not only is it a question of who is it acting on behalf of and are they allowed to make that travel booking or not, but also capturing through these digital credentials how many members do you have in your family, what do they like doing, what are their likes, what are their dislikes, where have they already been? And being able to also provide that to AI agents in a machine-readable form. In what form? I'm sorry, in a machine, a machine readable form?

Craig:

So In what form? I'm sorry.

Ankur:

In a machine readable form, so in a way that I guess you know AI agents will be able to understand it, because they need to go and then express that in a set of actions they take on your behalf. So, yes, like I think, being able to carry out the two-factor steps is definitely part of the picture, because while it's going and making the booking on your behalf, it might need to carry out those actions. But at a broader level, it's about going a bit deeper than just the who am I and what am I allowed to do, and also look at what are the hopes and the preferences and the likes and the dislikes, and being able to express that to AI agents as well in a sort of readable fashion. Now, what's perhaps like an extension to this is when we've been working on this for the government use cases. There's a large part of that is if you take a digital credential that has, say, been issued in France and take it across to the US and prove that you're allowed to enter the country at a border, let's say, showing a driver's license or showing your passport.

Ankur:

Governments needed a way of actually creating these things called trust registries or trust lists, to say this is a recognized country with a passport that we trust, or this is a type of driver's license that we trust. So we adapt the same technology to the AI agent space for the creators of these AI agents and perhaps third-party independent assessors and auditors, to also go and issue digital credentials to AI agents to say, this particular agent is trustworthy on the topic of travel bookings, this other agent is trustworthy on the topic of accountancy, and they can have a multitude of these. The same way that I have a lot of different pieces of plastic in my wallet Some of these are my driver's license, some of these are my residency permit the same way an AI agent might hold multiple digital credentials that say so these are the topics that an AI agent is good at. So these are the topics that an AI agent is good at. Here's maybe a separate digital credential that proves it has been assessed against the EU AI Act and found to be an.

Craig:

AI agent that is set of credentials, a lot differently than something that is not able to go and prove those capabilities. Yeah Well, let's talk about the tech behind it all. I mean, I'm thinking, is there a biometric aspect to this? I mean, judging from your name, you have some roots in the subcontinent and I think India has the largest biometric database in the world. Absolutely, is it tied in that? In that case, it's fingerprint, I think, unless it's evolved. But is this going to be iris scans like the the world coin or world orb or whatever they call it is trying to do? So I mean, you can imagine a day when, yeah, when pieces of plastic and paper passports are really things of the past and you walk up and scan your iris and maybe there's a secondary validation or verification. So how does it work in your case?

Ankur:

So that is definitely, I think, different than our vision or our technology to. For starters, because biometrics are great when you need a really high degree of assurance, as it's called. So things like when you travel across international borders, typically your passport has a chip on it that has your biometrics your face biometrics usually and that allows, when you're going through e-passport gates or presenting it to an official, for them to check if it's the same person that the passport was issued to who's entering through that e-passport gate. Worldcoin, obviously, is trying to do something very similar. The Adar system in India ties things to biometrics but in those government use cases they're often trying to make a very high degree of assurance of use case happen. Usually in day-to-day life you don't need that same level of assurance and it's probably scope and mission creep and also a privacy risk to constantly have to prove biometrics in every other scenario, to constantly have to prove biometrics in every other scenario. Just an example of this is many people when you go through Touch ID or Face ID on your phone, it doesn't actually know that it's tied to one single human being. Many people will put their kids or their partners on the same device because it's easy to you know my hands are tied. I'm driving. Can you reach my phone and check it? And that's completely allowed. Like you know, I am trusting them as my partner or my kid, to give access to my device and I should completely be allowed to do that access to my device and I should completely be allowed to do that. So the kind of technology that we work on, I'd say it's very different from what WorldCoin is using and especially most other blockchain-based use cases.

Ankur:

So most of the time on blockchain, what you do is you go and write some information as a source of truth to a blockchain or a ledger and you trust that everybody can see it at the same time, which is great. When you're thinking about things like money balances and you want everybody to have the same value. It's a really bad idea for biometrics and for any kind of personal information because even if I agreed to do it today and even if you apply any kind of encryption so that the data can't be read by anybody who shouldn't have access to it, you can never erase that. You can never take that back. So even if I'm a consenting user today, at some point maybe 5, 10, 20 years in the future, that particular, encryption technology is going to get broken, probably because of quantum, but even before quantum comes along. Encryption standards go out of date all the time and sometimes they have vulnerabilities in them.

Ankur:

So instead of going and writing that information to some sort of blockchain or ledger, what we do is we only store the cryptographic information that is needed to verify the information on-chain. So, unlike most other use cases, maybe 5% of the action is happening on a blockchain. The rest of it, the actual digital credentials themselves, are in tamper-proof files that you can store on your phone, on your laptop, on any sort of device. You can even print them out into backups in things that work like QR codes. Interesting part of my history into how I got into this the very first project I worked on was to work on decentralized identity for refugees and with the UN High Commission for Refugees, and one of the big aspects of that is do they have smartphones? They did, but they did have $100 Chinese Android phones which were good enough to hold a piece of digital identity that they'd been issued by the UN, and a large part of that was what happens when the phone dies, what happens if somebody loses their phone. So it is possible to back up as well so that if you do lose your device, if it's out of power, there are alternatives that you can fall back to.

Ankur:

But the core of the way our technology works is you have some cryptographic hashes or proof that get written to the chain that allow me, when I go and show that digital credential to you, anybody who sees it can cross-check it against the blockchain and say I can see that the hash matches and say I can see that the hash matches, or I can see that the cryptographic seal is untampered and therefore I know I can go and trust this and um, the.

Ankur:

I guess the, the. The distinction that I'm taking from the kind of technology that world coin is working on is these digital credentials. You can put biometrics into them, but by default most of them don't, because actually putting in a biometric into every single piece of information that is related to you is massive overkill. And it's actually been a big debate amongst the browser vendors around the world where they want to put in something called the digital credentials API into every single large browser that exists. And if every single thing that you held had a biometric, it's very easy to go into the scope creep sort of area where governments say, well, before you access a porn site, you should go and prove your identity with a digital credential, like your driver's license, that has your biometrics attached to it, and I don't think that's necessarily where the world should be moving towards.

Craig:

Build the future of multi-agent software with agency. That's A-G-N-T-C-Y. The agency is an open source collective building the internet of agents. It's a collaborative layer where agents can discover, connect and work across frameworks. For developers, this means standardized agent discovery tools, seamless protocols for interagent communication and modular components to compose and scale multi-agent workflows Join, Crew, AI, Langchain, Llama, Index, Browserbase, Cisco and dozens more. Browser base, cisco and dozens more. The agency is dropping code specs and services, no strings attached. Build with other engineers who care about high quality multi-agent software. Visit agencyorg and add your support. That's a g n dot O-R-G. Agencyorg and support the project. Yeah, so how? What are the? I mean the blockchain registry is kind of a validation.

Ankur:

Yeah, a bit like the domain name system, the way that you might register youtubecom or googlecom and there's a registry that sits behind it that says this is what that address leads to. In a very similar fashion, you create things that are called decentralized identifiers, or DIDs. Or DIDs this is what a lot of the people in the group that's working on Decentralized Identity Foundation work on. Those DIDs are typically cryptographic hashes or cryptographic seals that are written quite often to a blockchain, but it doesn't necessarily have to be and then you go ahead.

Ankur:

And then on the other side, on your own devices, you create or you keep things that are called digital credentials or verifiable credentials verifiable in a cryptographic sense, and what that means is if you show it to someone, they can cryptographically verify that they have been untampered, and you can also choose during these processes to apply additional steps for privacy, like apply something called selective disclosure. So, for example, if you want to know what my name is, I can show you additional credential that was derived from my passport or driver's license without actually sharing my home address, which might also be on that same digital credential, but actually that's irrelevant to the interaction that we are having, and so therefore, I shouldn't need to go in and show you the other parts of that, like my home address, that maybe don't relate to the interaction.

Craig:

Yeah, which reminds me I hate putting my address into those forms because you have no idea where it's going, and so is it the same process then that you're porting over to the digital identity of AI systems? And I started talking about agents and the issues that arise for identity with agents, but is it broader than agents? Are you looking at something larger than that?

Ankur:

There's a yes, so it's exactly the same technology.

Ankur:

So the same way that you could go and describe a digital credential that has things like your passport, driver's license, education, history, healthcare history, financial history into these digital credentials, you could similarly go and capture and put into these digital credentials these are the topics that I trust this particular AI agent on and this is the duration that it's authorized for, or a company could go and issue a credential to that AI agent that says it's been accredited or assessed to this standard. The sort of tangential and related space that comes in is something called content credentials, and content credentials is a coalition that includes companies like Microsoft and Intel, google, adobe, who've been working on. How can you have a chain of custody that proves a particular image or video or audio is AI generated or human generated of video or audio, is AI generated or human generated? But again, not as a binary question, but as a chain of history of every single edit that has happened to that picture, because editing is not bad, like, maybe you have a human model and you're using an AI backdrop, that's okay.

Ankur:

But somebody who's viewing that picture should be able to see that there was a human model used and there was an AI backdrop that got inserted in. You can actually try this now. If there's ever an image that you create using ChatGPT or um dolly go, paste it into one of the websites that support reading content credentials, like linkedin, and, and you'll see a tiny logo that says cr that stands for content credential, and you click on it and it will start showing you the history behind all of this. Um. Now what's quite interesting is, I don't think any of these companies necessarily want to run it as a centralized service, because A there's a lot of content billions, billions, billions of images and videos and so on but if they become the centralized registry of what is AI generated or what is not AI generated, that then becomes a very big political challenge in terms of content moderation, and so, therefore, they don't want that problem it to be self-contained and cryptographically provable, along with the video or the piece of image that comes along to understand what edits happen to it, and also because I think some edits are fine. Maybe you use AI to remove a building from the background in a picture that you've taken on your holiday or or um Getty images is is blurring out the pictures that were taken by someone at a protest to, to, you know, protect their identity, right? Um? What's quite fascinating is, uh, we, uh, there are companies like Leica and Samsung that are building in the capability of of starting this, the capability of starting this from the chip on the camera itself. So, from the moment a picture is taken, every single step will have a content credential of what the edit was made to. It is.

Ankur:

How can then AI agents use this as part of their assessment of when they come across information, to see is this trustworthy or not, the same way that a human might perhaps try and apply the same filter in a couple of years' time. Where it also sort of becomes quite interesting is when you then go and train AI agents. A lot of the over the past sort of two or three years, a lot of the data has become computer-generated, ai-generated, and, essentially because these are very good parrots of parroting information, people do want to start distinguishing this training on what's based on actual human-generated data that it wants to go and mimic and what is synthetic data. Already studies that show at somewhere close to just five or 7% of the information being synthetic or AI generated, it just starts producing garbage because it's not able to distinguish what's the right thing. It's go that that it should be able to go and mimic versus just AI generated slop. That that that it shouldn't start skewing towards.

Craig:

Yeah, so how does? Where do I go from this?

Ankur:

Lots of different things there yeah, yeah.

Craig:

Well, let's focus on agents. How do agents, how do you see this being implemented? And, as I said, on the one hand, you need to build a critical mass of agents using this protocol, but, on the other side, you need to build a critical mass of websites or other services that are accepting or have a reader or something that allows agents through, based on this protocol.

Ankur:

I think that's absolutely early days on a lot of these topics. One of the what we've worked on is I don't know if you've heard of something that came out of Anthropic called Model Context Protocol or MCP yeah, of course.

Ankur:

And it's a way of giving AI agents structured access to tools or structured access to different kinds of information, identity or digital identity sort of software like you know creators to give MC or create MCP tools that can talk and understand decentralized identifiers that can talk and understand digital credentials that could either be credentials for the AI agent themselves permissions that they have received from human beings, or digital credentials that have been attached to content in terms of content credentials.

Ankur:

And what's been quite fascinating is a lot of these ideas were bubbling around for a long time within the identity as well as the AI industry.

Ankur:

Mcp only came out last year, november, so just before Christmas and I think what was sort of unsure for a while is how, you know, how does this scale beyond just the AI agents based on created by Anthropic or the people that support MCP, based on created by Anthropic or the people that support MCP?

Ankur:

What's happened within the past one or two weeks is OpenAI has come out and said, yes, we are going to go and add this to OpenAI's ChatGPT desktop app and to the OpenAI agent toolkit, and a very similar statement came out from Google, which is one of the other sort of large providers for AI agents and frameworks. So what we start sort of seeing is the problem is being recognized by people, that, on on one hand, we have capture and we have a bot protection that we run on websites that that keep ai agents out. On the other hand, every single one of these companies um wants, uh to, to give people the idea of, like, actually, you know what, let's, let, let'sload, take that task off your hands. And so they do want to go and solve these problems. The big breakthrough, I'd say in terms of adoption that's happened is the number of services and the number of AI agent makers that have started supporting MCP or model context protocol, within the last five to six months.

Craig:

Yeah, and so you would check, or some other verified identity protocol would be, or would be, a tool that model context protocol could interface with or integrate into a model. Is that right?

Ankur:

Exactly.

Ankur:

And what model context protocol is great at is to capture those things into sort of rigid rules or you know sort of rules, because before that that people were doing the same thing that mcp does, but by using very long and complicated prompts, which is not guaranteed to work, and and and it's sort of like you know hit or miss on whether that works or not.

Ankur:

Um, we've also been engaged with some other emerging standards and protocols. There's some very interesting research coming out of Stanford on something called DISPY, which is writing prompts as code. But I think the biggest sort of evolution on this side has been model context protocol protocol, and what that sort of currently doesn't do is it entirely does not talk about how does identity get handled, how do you handle permissions, how do agents get some mechanism through which they can understand what is the content they're seeing and how trustworthy it is? And that's where Checked and hopefully other decentralized identity providers can add that sort of toolkit to the set of arsenal that AI agents have on how they can be trusted and how they can trust the information they're coming across.

Craig:

Yeah, and MCP is is like the universal interface, right, so you don't have to use API keys and things like that. How how does an AI agent that has MPC, mcp, in its architecture I'm not quite sure how to say that, but how does it cycle through all of the various verification tools out there through MCP to find the one that's going to unlock that website?

Ankur:

There's an answer for what happens now versus what happens in perhaps the future versus what happens in perhaps the future. So right now, you have to tell the AI agent Simplest example is Claude Desktop, which comes from Anthropic. It's one of the big places where people are testing and building all of this software so you have to go and explicitly tell it that here's the set of tools that I'm attaching and giving to you. So you might go and attach a tool for Google search. You might go and attach a tool for understanding digital credentials and explicitly tell it that go use this. But, given how core some of these problems are, two things that I expect to happen within the next year. The first is the same way that you have Apple Wallet or Google Wallet built in on your phone and that's where you currently store digital credentials. Or maybe there's a different digital ID app you use. Agents will come with an identity wallet built in the way that they currently don't particularly do or handle right now, and this is where they'll store digital credentials they have been given to handle, as well as things that the humans that they work with give on their behalf.

Ankur:

And the second thing is where MCP sort of evolves to is looking, giving agents the ability to autonomously determine which tools to go and pick. And that again comes back to similar sort of challenges like which AI agents do we go and trust? But because these trust models can often be started off by government lists or government-trusted lists or maybe industry association lists of what's a trustworthy agent industry association lists of what's a trustworthy agent that I think starts becoming the starting, the launchpad for an initial set of tools that the AI agents can discover by themselves and then from maybe those trusted tools or trusted agents, they can go and ask almost in a sense, what are the other tools and what are the other agents do you trust and start discovering from that basis. So I think there's a lot of steps to get there, because MCP itself is fairly new. But what I think is quite interesting in this space is the way that this can be expressed is explicitly what a lot of the decentralized identity digital credentials have been built to solve.

Craig:

And where is it? So, right now, if you're, I mean you can do this now right.

Craig:

So if you're building an agent, you can pick checked or you can pick I don't know who else is out there this is all new to me access through an MCP to those tools. And then, when the agent is out in the cyberspace and runs across something that is asking for it to verify its identity, it would cough up checked. But if that service or site doesn't use or recognize checked, I mean what's going to happen? That the I'm going back to the Taylor Swift ticket issue will Ticketmaster, just you know, review all these various identity tools and add a whole bunch of them? So if you come in, if your agent comes in and offers check, check is one of the tools that the master uses and it'll verify the agent's identity and let it through. Is that how you imagine that happening?

Ankur:

Yeah, it would. It would partly be that they would need to understand the digital credential formats. Now what's quite interesting is that this kind of technology is not just proprietary to us at checked, that this kind of technology is not just proprietary to us at Checked. We have built our own improvements and additions on top, but a lot of the technology standards for this get set at places like W3C, which is World Wide Web Consortium, and that is the nonprofit organization that sets how HTML works and how websites work. So, the same way that Ticketmaster has adopted HTML to go create its website, it would have to add support for the digital credential specification that has come from W3C, which is, again, yes, that is a step that the website would need to take. But given that a lot of the web standards do get set and adopted by companies from what's happening at W3C, it's a bit of an easier ask than saying just go and do this specific thing. For what Checked has done. It works, not just with the kinds of digital credentials that we might build, but hopefully someday that Wellcoin also does. Wellcoin hopefully, instead of going and doing their own thing, hopefully adopts the digital credential standard that W3C has come up with and expresses it in that format.

Ankur:

The second answer is the second part of that is, we've also acknowledged the fact that not every single company is immediately going to switch over to starting to use decentralized identities, and so we worked with a research institute in Germany called Fraunhofer Institute Fun fact, they're the people who invented MP3. So, as a format back in the 90s, so we worked with Fraunhofer on a piece of software and a specification that allows you to tie these decentralized identifiers that are written, usually on blockchains, to standard domain names. So like this identifier will attach to craig's home domain name and this one attaches to Checked's website and this one attaches to Microsoftcom, and they're able to go through that entire list of accreditations or trust that additional credential that might have received and translate it back to the traditional domain name system. What's quite powerful about that is there are already mechanisms that exist to understand. Do I trust this website more than that website?

Ankur:

And there's a lot of ranking that gets done by things like search engines or some sort of assessment that can be done, because I fully understand that sort of transition from the way that identity and trust gets handled now to a decentralized way of doing it might take time and there will be people who are further ahead and people who are further behind. And so that's why we worked on this sort of project with Fraunhofer to look at what happens in the middle. What happens when maybe five companies have adopted decentralized identity but then the rest of the billions or millions of companies haven't done that yet? How can they still go and utilize this? And and that's one of the other sort of like unique aspects of the work that we've done at checked um which, uh, a lot of the other sort of like you know, models, for example, like the one that world coin is building, doesn't actually accommodate that like, like you know, it's very much come across to, like you know, all or nothing into the new world, which I don't think is very pragmatic, unfortunately.

Craig:

Does this mean that CAPTCHA will eventually go away or will CAPTCHA run alongside? If an agent runs into a site, there will be something unseen to the user that happens, that allows the agent through.

Ankur:

I think CAPTCHA will still be around. Be around because capture is solvable by AI but it's expensive. So you know, you have to be really motivated to take a screenshot of something and feed it to open AI, to chat GPT. It could probably solve it, but do you care that much? So it does take out a lot of low-level automation and and the way that I sort of described this proof of humanity or proof personhood is, it lies on a spectrum. At one end. You have capture and just prove you are a human.

Ankur:

Um, there's a very different question, which is prove that you are that specific human and prove that you're Craig Smith, or prove that you are a human that lives in the US, or prove that you're a human that lives in the UK. Captcha doesn't solve that. Captcha is only looking at are you non-autated to? To a very low level extent and, to be honest, there's definitely value in that. Uh, like it just takes out the dumbest, simplest kinds of automation.

Ankur:

Um, that that somebody might be able to write where you get into after that is, I think, proof of humanity is useful, but sometimes there are other different aspects to that which also need to get solved that don't necessarily get solved. Like. It's great that you can prove proof of humanity, that it's backed by a biometric and it's definitely a person. But people have multiple passports. People might go and register with multiple systems and it still doesn't go and solve the question of like are you specifically Craig Smith? And that's the legal identity that you have. It doesn't solve, like you know. Do you live? Have you lived in a particular part of town for the last five years or 10 years? Those become more complicated questions, and what's quite good about these industry standards that have been created at W3C is it's flexible enough to go and accommodate the whole range of those questions and not just one narrow piece of it, which is are you a human or not?

Craig:

Yeah, just as you're talking, I'm thinking about some of the verifications on the internet. So many websites will ask you to verify that you're over 18. Yeah, you know YouTube. You have to log in with an identity in which you put in your birth date, but most is just a button. You know, yes, I'm over 18, which to me seems like a pretty big loophole for certainly for parents who are concerned about what their children are seeing on the internet. Do you see that being solved? I mean, we're getting into human identity, which is different from what you guys are doing.

Ankur:

We are also working on problems like that because, at the core of it, the big sort of problem we wanted to solve is decentralized identity and having a copy of your own data for yourself sounds great, but why would any company ever do that? Decentralized identity and having a copy of your own data for yourself sounds great, but why would any company ever do that? Like what's the commercial incentive or value for them? The reason why we have your data in a silo held by big tech companies is because they derive a lot of value out of it. They sell ads off the back of that. They derive a lot of value out of it. They sell ads off the back of that, so they have absolutely zero incentive to give you a copy of your own information Because they see it as that just lets you walk out of the door to our competitor more easily. And so, although the space has existed for a while, what we are quite uniquely doing at Checked is we built a privacy preserving mechanism where, if you use a digital credential that has been issued by a company to say, maybe, transfer across your e-commerce preferences or prove that you're above the age of 18 without revealing too much information so not revealing your name, not revealing your actual date of birth, maybe from something that was issued by your bank, because your bank did a background check on you before they allowed you to open a bank account.

Ankur: 56:47

We built a mechanism that allows the bank to get paid in a completely privacy-preserving fashion. They don't know who went and used the credential, they don't know what information got shared, they don't know absolutely anything about when that interaction happened, but it then starts giving them an incentive to give you a copy of that information. It doesn't mean the bank doesn't need to hold on to your information. Of course they do, because they're a customer. They need to know where you live, they need to know your name, et cetera, et cetera.

Ankur:

But by giving you a digitally tamper-proof copy that you can then start using to prove that you're human online, or prove you're above 18, or prove that you live at that specific address, when you're about to go and buy a $5,000 MacBook, and prove to Apple that you're not a scammer who's buying this with a stolen credit card, your bank knows that you've lived there for five years. There's a lot of value in answering that question, and we enable that to happen as well. So the AI agent piece of it has been a large part of the focus for, I guess, the last sort of like year and a half, but we actually have 50 different app developers and companies that are building solutions on top of the checked network. Some of them, in fact, are going and solving problems for humans and pop in various different countries and use cases.

Craig:

Yeah.

Sonix is the world’s most advanced automated transcription, translation, and subtitling platform. Fast, accurate, and affordable.

Automatically convert your mp3 files to text (txt file), Microsoft Word (docx file), and SubRip Subtitle (srt file) in minutes.

Sonix has many features that you'd love including world-class support, collaboration tools, advanced search, enterprise-grade admin tools, and easily transcribe your Zoom meetings. Try Sonix for free today.