BY CAREY O’CONNOR KOLAJA
We’ve been living in the experience economy for decades now, valuing experiences more than things. However, things are what connect, power, create, and capture our experiences.
Things have landed roles in Hollywood, like WALL-E, Lightning McQueen, Forky, or Lost In Space’s Robot.
Things let us talk to other things, like the internet or refrigerator or lamp.
Things are what let us see Mars. (Our friends, family and colleagues, too, these days.)
Things are what bring us together to compete and celebrate, like a basketball, a golf club, a football.
Why am I doting on this?
At the superficial level, I started thinking about identity as it relates to things when Fitbit was launched in 2007. You saw stories of people attaching the Fitbit to a ceiling fan or their dog to beat their friends in a friendly daily steps competition. It didn’t really matter at the time that not all steps were legitimate steps taken by the owner; a little bit of distorting personal facts was fun, not fraud.
Fast forward to 2020 and verifying that the Fitbit is mine and those “measured” steps are real is critical for determining my healthcare policy premium. Distorting the identity of things and an identifiable association with their owner is no longer acceptable. Acknowledging that things deserve to have an identity is critical to ensure equitable access, security and inclusion in our daily lives.
Have things ever had an “identity”?
Yes! Take the automobile. Car enthusiasts Quadratec quickly explain:
In the mid 1950’s American automobile manufacturers began stamping and casting identifying numbers on cars and their parts. The vehicle identification number has become referred to as the “VIN”. The obvious purpose was to give an accurate description of the vehicle when mass production numbers were starting to climb in very significant numbers.
In the early 1980’s the National Highway Traffic Safety Administration (U.S. Dept. of Transport) required that all road vehicles must contain a 17 character VIN. Thus, establishing a unique “DNA” style number for each unique vehicle which rolled off the assembly line.
And of course our devices have their own VINs, masked as a serial number. Take a walk around your home, each device we see—a laptop, watch, console, TV—has an equivalent of a VIN or a “social security number | tax ID.”
Why do more things need a “VIN”?
There is an emerging movement from the internet of things (IoT) to the identity of things (see BBVA’s blog from earlier this year). While the discussion is rightfully centered on protecting breaches of connected refrigerators or connected cars, a foundation to keep our world of 75 billion connected entities secure, the conversation I am most intrigued by is one where human identity meets identity of things which meets new business models.
The Identity of Things (IDoT) is an area of endeavor that involves assigning unique identifiers (UID) with associated metadata to devices and objects (things), enabling them to connect and communicate effectively with other entities over the Internet.
The metadata associated with the UID collectively defines the identity of an endpoint. IDoT is an essential component of IoT, in which almost anything imaginable can be addressed and networked for exchange of data online. In this context, a thing can be any entity and without a UID the system becomes anonymous and unverifiable.
Tying our identity to a thing’s identity
In short, many more things need a “VIN” to allow service providers, financial institutions, educators, and individuals to uniquely bind them to a person for verification.
Being able to identify and connect the desired Sonos speaker to the internet is one thing. But being able to verify the iPad being used for a telemedicine visit belongs to me and I am in fact the person logging into the session via the iPad and that the insurance card I present is verifiably mine—the emerging interdependency of the thing being connected to a piece of my identity and my health—is when this concept of IDoT becomes more critical.
We have arrived at a pivotal moment when our behavior and choices that are captured by “things” are now influencing our financial well-being, our right to participate in sports, our right to access restaurants, buildings, and to cross state and country borders. Who I am, the things that are capturing my behavior, and the connection of these things to services and decisioning bodies need to be triangulated and verified.
As IoT applications are becoming more ubiquitous, new opportunities for cyber criminals and fraudsters open up. With data transferred back and forth from system to system and device to device, the risk of interception and manipulation increases. New IoT products may also lead to new types of applications and claims fraud that would be better navigated with a complementary IDoT system.
IDoT in plain terms
While there are ample opportunities to push the thread on the connection of IOT to IDoT, its many deeply technical aspects and why it matters, let’s consider three applications of the conversation that are changing business models that touch our daily lives:
- Wearable Technology: Body sensors are now driving decisions and access rights. How I take care of myself changes my insurance premium. Knowing an athlete’s heart rate changes my sportsbook bet. Project Jacquard has opened up our imagination for the application of athletic, daily wear and designer clothing to have a bigger role in our lives via the weaving of computing threads into our garments.
- Smart Homes: Sure the delight of being able to optimize and automate utilities is wonderful, but what if someone creates a virtual home that emits all the same signals to somehow dupe my bill or uses that virtual home to con a sale or rental?
- Connected Cars: Programs like Allstate’s Milewise provide a new kind of car insurance based on miles driven and the miles are verified by a mileage tracking device plugged into your car’s diagnostic OBD-II port.
You can start to picture the line that goes from your identity to your personal device to your actions, access, obligations—and the many vulnerable points it creates for fraud.
How we solve for protecting this lifeline may seem daunting, but understanding and appreciating the dynamics of modern identity and the secret life of things is something we all can and should try to do.