Humanity Protocol is building a secure, private Web3 identity system with zk-proofs and palm scans: An interview with founder Terence Kwok
Highly secure and accessible, palm recognition offers a great way to verify and manage your identity. Humanity Protocol is making headlines with its idea of leveraging palm biometrics and zk-proofs to build a secure, private, and universally accessible digital identity system.
The drive behind this concept is well-intentioned. However, like other biometric methods, user privacy remains the top concern. Is it possible to keep this technology secure without giving up personal rights? Can this convenience come at the cost of our privacy?
Humanity Protocol believes they have a solution that addresses these concerns. We spoke with Terence Kwok, founder of Humanity Protocol, to learn more about how the protocol protects privacy, why palm recognition is better than other methods, what zk-proofs do, and how they meet regulatory rules.
Palm recognition could bring a balance of security and convenience
Crypto Briefing – To start off, could you tell us a bit about what prompted Humanity Protocol to explore palm recognition technology? What specific advantages does it offer over other biometric systems like fingerprint scanning or iris recognition?
Terence Kwok – Palm recognition technology offers a balanced combination of security, robustness, and better user experience compared to other forms of biometrics. We’re already familiar with using fingerprints and facial recognition on our devices, but palm scans take it a step further with intricate vein patterns and other unique attributes that tend to stay the same over the course of an individual’s life.
Iris scans may offer the same benefits but often require specialized hardware stationed at multiple locations to onboard users en masse. Palm prints on the other hand (pun intended), can be captured by our mobile devices quickly and conveniently.
With our aim to become Web3’s human layer, we were mindful of these factors and wanted to go with a form of biometric that is more feature-rich than fingerprints, convenient for users and less susceptible to wear.
Crypto Briefing – How does your system handle potential variations in palm prints due to age, injury, or issues like dirty, damaged palms?
Terence Kwok – Our palms are susceptible to daily wear and tear, injuries, dirt, and ageing — but to a much smaller degree than other biometric options, mainly facial recognition and fingerprints.
Our proprietary palm recognition technology is designed to handle these challenges. Advanced algorithms and machine learning can account for superficial changes in the palm’s surface, such as dirt or minor injuries, ensuring consistent and accurate identification. We’re also reading individuals’ vein patterns beneath the surface of their palms, and this remains consistent throughout a person’s life.
As with all methods of biometric authentication, there can be instances where our technology is unable to function as intended — this includes more severe injuries that affect vein patterns.
Humanity Protocol prioritizes user control, data security, and regulatory compliance
Crypto Briefing – Can you share more about the specific data points extracted from palm scans and how long this data is stored before deletion?
Terence Kwok – In our initial phase, we’ll acquire a high-definition image of the palm which will be tied to the user. Our AI model will then classify these palm prints to identify unique attributes that ensure the individual is what we call a “unique human” — this will allow us to ensure each individual who registers for PoH is unique.
We don’t store this information. Biometric information is stored across multiple nodes on the Humanity Protocol and can be deleted by the user at any time.
Crypto Briefing – Can you elaborate on the privacy measures that Humanity Protocol has in place to prevent unauthorized access or data breaches? Like are users able to revoke access to their data or have it deleted from the system?
Terence Kwok – We don’t store any user information on centralized systems. With decentralized storage and zero-knowledge proofs, users maintain control of their private data and can choose to selectively share them on a minimal, ”need-to-know” basis. This means user data will not be monetized, which is a common practice at the moment with larger tech companies that have access to large amounts of user information.
This decentralized architecture also removes single points of failure as data is fragmented and stored across multiple nodes. Users have full control over their data, which also allows them to delete this information anytime.
Crypto Briefing – Given the sensitivity around biometric data, how has user feedback influenced the development and implementation of this technology?
Terence Kwok – We’ve had positive feedback from our community. Particularly about the ease of onboarding, low barrier of entry and the familiarity of palm scans over other solutions that are available.
For instance, iris scans can seem dystopian and unfamiliar to those who see the value in a Proof of Humanity solution but don’t wish to travel to the closest center that has the appropriate device and scan their iris to do this.
Crypto Briefing – How will you comply with data privacy regulations in different countries concerning biometric data collection? Are there any ongoing discussions with governments or regulatory bodies regarding the potential adoption of Humanity Protocol?
Terence Kwok – Our legal and compliance partners have been in talks with various regulators and jurisdictions to ensure we’re remaining compliant as we build our solution. Building this form of identity graph is still a fairly new concept and navigating it has been challenging, but we’re committed to ensuring we’re on the right track when it comes to data protection laws.
Humanity Protocol leverages zk-proofs to ensure user privacy
Crypto Briefing – How does Humanity Protocol incorporate advancements in zk-proof technology to achieve privacy-preserving identity verification?
Terence Kwok – Proof of Humanity allows users to prove specific identity attributes and sensitive information without revealing personal data using zk-proofs.
Our use of zk-proofs enables verification by providing cryptographic evidence of a claim, such as name, age, or any other sensitive information, without exposing the actual information to third-party dApps or other users. This maintains a high level of security by preventing data breaches and identity theft.
Zk-proofs also improve blockchain scalability and reduce transaction costs by minimizing the data processed on-chain, making PoH scalable and suitable for handling a large volume of transactions.
Crypto Briefing – How do you see zk-proofs playing a role in shaping the future of digital identity management systems, considering both user privacy and regulatory compliance?
Terence Kwok – The current state of data management isn’t fit for purpose anymore. Centralized data storage continues to suffer data breaches, hacks and leaks, and the adversaries in these situations are getting increasingly sophisticated.
There have been multiple instances in the past week alone where thousands of people have been impacted by data leaks from their healthcare providers, employers and schools globally. This leaves people exposed to potential identity theft and phishing attacks.
With zk-proofs, this information can be fragmented and stored securely across multiple zkProofers that then attest to the validity of each piece of information. This means businesses don’t have to store this information themselves. Regulation around this should also keep up with current technological developments and capabilities too.
Crypto Briefing – How will your system handle a large user base with millions of users verifying their identities simultaneously?
Terence Kwok – PoH runs on Humanity Protocol, a zkEVM Layer 2 chain. We use zk-rollups to maintain scalability and maximize throughput as we expand and onboard more users. Ensuring scalability and efficiency has been a priority for us as we’ve seen significant interest from the public and gained over half a million waitlist applicants in just one month.
We’ll also grow more robust as we begin onboarding zkProofers onto our network. This means we won’t compromise security and functionality for the sake of scalability.
Beyond Web3
Crypto Briefing – How do you envision Humanity Protocol’s palm recognition technology expanding beyond Web3 applications and integrating with traditional sectors like finance or healthcare?
Terence Kwok – In finance, our technology will provide robust security for transactions and identity verification, significantly reducing fraud and enhancing user experience. Users can also prove their ownership of real-world assets, such as real estate, fine jewelry, and art, without revealing any sensitive details that can be exploited to harm the owners, such as their value of these assets or where they are located.
KYC will also be made smoother, as Proof of Humanity will allow financial institutions to verify that a customer is who they claim to be without having to store sensitive information themselves.
In healthcare, it will ensure precise patient identification, streamlining administrative processes and improving patient care quality while protecting a patient’s identity.
In fact, a study conducted at the University of New South Wales emphasized that zk-proofs might play a big role in disability inclusion. Paired with biometric authentication, schools and hospitals will be able to identify individuals who require assistance or support with disabilities and make these services accessible to them without requiring them to reveal any personally identifiable information to others.
Crypto Briefing – To finish off, can you elaborate on some specific real-world use cases envisioned for Humanity Protocol’s verification system?
Terence Kwok – For instance, I might be able to show proof of funds for a large purchase without having to share my bank statements with middlemen, such as brokers or lenders. This means I can prove that I have access to the level of cash required to get a loan or complete the purchase while keeping this information confidential.
Another real-world use case is proving a learning disability at school to access restricted services, such as additional classes or extra time to complete assignments.
A student may not be open to revealing this sensitive information to their peers and teachers. However, if they can prove that they require assistance due to a disability without revealing the specific nature of their disability, students may be more open to seeking the assistance they need.
This can mean simply scanning their palm and uploading the documentation they’ll need to prove that they’re eligible for assistance. This document won’t be revealed to third parties — they’ll only be able to see if a student is eligible for a service or not.