Identity Theft: A Persisting Challenge To Privacy

Today, as the blockchain use cases successfully proliferate from healthcare, communication, aerospace & defense to logistics, it poses a million-dollar question. Do we finally have a solution to effectively combat the scourge of identity theft that has hit 42 million citizens in the United States alone, causing a loss of $52 billion in 2021? More importantly, what implication does it hold for a third-world country like India, where 2 in every 5 consumers have been exposed to identity theft attempts? Surprisingly, the law of the land prescribes imprisonment of up to three years and a measly monetary penalty for the offense U/S 66C of the Information Technology Act, 2000. Clearly, individual privacy deserves a stronger deterrent!

However, it is easier said than done. What makes identity theft more menacing is its constantly evolving nature posing financial, security, and reputational risk for both institutions and individuals. Today cybercriminals can employ several methods, including account takeovers, data breaches, and payment card fraud, to gain access to sensitive information like name, Aadhar and PAN number, bank account number and credit card credentials, and driver’s license details. Malicious actors can use such information to morph the victim’s identity to secure illicit monetary gains like making online purchases or paying medical bills.

A Threat With Multiple Dimensions

At present, there are multiple attack vectors for perpetrating identity theft, with new ones coming up at an alarming rate. For instance, Synthetic Identity Fraud in which the stolen personal details of various users are collated to develop a fake identity. These new identities can be used to conduct illegal activities like money laundering, cyber extortion, or Dark Web transactions by avoiding the law enforcement radar. Fake e-commerce fronts and phishing emails with attractive offers are often used with notorious efficiency to trick and harness payment details from unsuspecting consumers. In medical identity theft, unrestricted access to name and insurance information can be used by criminals to get prescription drugs, access medical services, or obtain medical devices at the cost of hapless patients.  

Blockchain: Built For The Challenge

Today while digital touchpoints are exponentially rising, conventional identity safeguards are struggling to keep up with the innovativeness of fraudsters. However, blockchain technology, by its inherent nature, is designed for the challenge, bringing in the following aspects to make identity theft much more difficult, if not impossible:

Immutability: In contrast to conventional data systems, one of the most striking features of a blockchain network is its immutable or unalterable fundamentals, making unauthorized replication of information impossible. Blockchain systems operate through a system of nodes, with each node maintaining a copy of the digital ledger. Adding a new block or transaction into the chain is subjected to each node’s validation, protecting the system’s transparency and integrity. Also, once a block is added, it can no longer be edited, deleted, or updated without leaving some form of digital evidence of data tampering.

Decentralization: Rather than consolidating control on a central data authority, blockchain operates through decentralization of trust and data ownership. In the absence of single oversight, blockchain puts control directly into the hands of the individual users who can use it to store digital currencies, essential documents, contracts, and assets using their private keys. This makes it infinitely more difficult for cybercriminals to target and pilfer Personal Identifiable Information (PII) by breaking it into a single location. Moreover, since most of the operations on the blockchain are automated, it further reduces the chances of breaches due to human errors. 

Security: Blockchain networks offer better security than conventional data systems due to an absence of a single point of failure. Moreover, all the information stored in the blockchain is hashed cryptographically, with each block in the ledger generating a unique hash of its own and containing the hash of the previous block. So any attempts to tamper or pilfer the data will involve altering all the hash IDs stored along every node of the chain. Since billions of nodes could be operating along the chain containing the copy of the ledger and unique hash IDs, making such changes without being detected is practically impossible.

Intelligence: While predefined security policies guide conventional data architectures, blockchain networks operate on dynamic consensus algorithms at their core. These algorithms are self-evolving, continuously learning from past mistakes and redefining how nodes along the chain will validate transactions. Consequently, while static security policy may struggle to keep up with new identity theft techniques, blockchain, using such smart consensus algorithms, will likely stay one step ahead!

Ensuring Transparency & Accountability With Blockchain

It is heartening to note that blockchain technology and its relevance in making digital transactions safer is not lost on the powers that be. In January 2021, the Ministry of Electronics and Information Technology (MeitY), Government of India, published the National Strategy on Blockchain, outlining the scope of the technology in India and laying out a roadmap for its adoption in the country, highlighting the outcomes in the next five years.

Several states have taken up the cue. Noteworthy among them is Karnataka, which topped the list of identity theft cases in 2021. Here Centre for Smart Governance, a specialized agency of the Government of Karnataka, has partnered with CRUBN, an IIT-Kanpur incubated company, to develop a permissioned blockchain network to drive the eGovernment Procurement (e-GP) systems. The project is aimed to integrate and ensure the transparency of over 50 e-GP systems spanning across the organizations and departments of the Government of Karnataka. The blockchain network will be governed by the rules decided by the consortium of e-GP systems across the country and is expected to optimize the cost of tendering, making procurement fast, efficient and fair.

Conclusion

Blockchain is a technology whose time has come. More so for a country like India that has been battling systemic corruption and malfeasance for decades. Thanks to a proactive government and an equally capable private sector in India, the landscape seems ripe for blockchain applications to thrive. Now, there is no reason why we as a Nation should do anything but seize the promises that technology has in store.