Skip to main content

Posts

Brace yourself for a very very fake internet

It is the start of a new year so like everyone else we have some input for what we think the future holds. For us, the future is Deep Fake . Imagine a future internet littered with AI generated photos of humans who've never existed, except maybe in the form of a doppelganger. If you thought people cat-fishing with decades old photos of themselves was bad, brace yourself for a future where every Instagram model is a certified 10+, without makeup! Imagine a future where the YouTube video you're watching of a funny attractive cooking show host is all fake, an AI generated amalgamation perhaps enriched by elements of the aura of the real human  puppeteer pulling the strings behind the curtain. In this future, everything would be fake, the attractive face, the attractive body, the attractive surroundings, the attractive voice,...ie, everything would be fake and since at this point we would be living a full blown inversion , you'll have no way to tell what is fake exce...
Recent posts

How the FCC can prevent fake comments

The FCC is planning on making changes to its commenting system to deal with fake and abusive comments. Our digital certificate solution is tailor made for this type of problem. With this service, users can leverage their IRS tax transcript as a source of trusted identity information. The service is described in full: https://www.cipheredtrust.com/using-irs/ With the option to both use the API or just generate information certificates, tax payers can finally make valuable use of the trust associated with their transcript information. The certificate can facilitate both anonymous and positive ID verification. And it is currently free!!

Introducing IRS Identity Verification

Today we're announcing the general availability of our IRS based Identity verification service. Since we couldn't get the IRS to directly integrate into the CipheredTrust API, we decided to try the next best thing, a proxy based service. With this service, users can leverage their IRS tax transcript as a source of trusted identity information. The service is described in full: https://www.cipheredtrust.com/using-irs/ With the option to both use the API or just generate information certificates, tax payers can finally make valuable use of the trust associated with their transcript information. Certificates are currently free!!! Imagine a future where you can prove your real name on twitter or your marital status on a dating app? well that future is here!!

IRS Data Retrieval Tool for FAFSA: A perfectly predictable use case

We went through a painful process of trying to get the IRS to integrate into the Cipheredtrust API, without success of course. In the end we had to settle for a browser extension which requires us to hold tax information (only in computer memory for a given session). We hope that eventually we'll be able to convince the IRS to do the integration for the good of every taxpayer who needs it. Recently the FAFSA tool (called the IRS Data Retrieval tool) which students rely on to pull data directly from the IRS into their application was shutdown due to security concerns. The case we made to the IRS for supporting this integration specifically made reference to the integration of the IRS data-source into the Department of Education application as an example of how making it easy and secure for people to leverage their tax information can deliver great value. The benefit of the data retrieval tool is two fold, first it is convenient for students since it automates the completion o...

Trust without Trust, beyond OAuth, OpenID, OpenID Connect...etc

Federated identity brokers (plenty in the market) generally require that the "relying party" and consequently the "principal"/user trust them with sensitive information. The implementation of federated login generally involves the service provider directing the user to select from a preset list of identity providers. Combining these modes of operation you end up with a situation where user privacy and security are both compromised, not a good look for what is meant to be a security solution. Beyond these immediate concerns, the actual specifications on which these identity broker services are based are generally more convoluted than they need to be. OAuth and OpenID are two of the more established standards, unfortunately these standards suffer from tunnel vision, ie they are so focused on the problem of user identity as it relates to login flows that they fail to consider simpler, better and more general approaches to solving the problem. User identity authenti...

Launching the Cipheredtrust API blog

Today we're launching the blog for the Cipheredtrust API with the hope of putting a solution on the market that fully addresses the problem of identity verification on the internet. Checkout the API here: https://www.cipheredtrust.com/ We'll have a lot more to say going forward. In the meantime feel free to post questions here or in the community forum.