Worldcoin Crypto Project Aims to Let You Prove Your Identity While Remaining Anonymous

A few weeks ago, we wrote about the threat to privacy that central bank digital currencies (CBDCs) represent. Worldcoin is a potential answer to this problem. The project aims to create a new cryptocurrency “to enable universal access to the global economy,” while tackling two key issues that are increasingly relevant today: proving you are human, and not a bot, and establishing your unique identity while preserving your privacy. Proving your identity may seem a rather abstract issue, but it’s increasingly important in a world flooded with content produced by bots and AI systems. Worldcoin’s approach is based on 3 elements:

• World ID: A privacy-preserving digital identity designed to help solve important, identity-based challenges, including proving an individual’s unique personhood.
• Worldcoin token (WLD): The first digital currency to be freely distributed to people for just being a unique human, where laws allow.
• World App: The first World ID-compatible app that enables payment, purchases, and transfers globally using digital assets and fiat-backed stablecoins.

The World ID system uses advanced techniques to preserve privacy.  It’s designed to facilitate signing in to web sites and mobile apps by proving you’re a “unique and real person,” but doing so without sharing personal data like names or emails. A key part of World ID’s system is the Orb, a biometric imaging device. Worldcoin claims that it “privately and securely verifies an individual’s unique personhood.” Worldcoin says that ultimately it will open source the Orb’s design.  

The Orb’s main job is to determine if someone is an actual living person that is not attempting to cheat the system. It does this with a variety of camera sensors and machine learning models that analyze facial features and iris characteristics. Once that determination is made, the Orb takes pictures of the person’s irises, and uses machine learning models and other computer vision techniques to create an iris code, which is a numerical representation of the most important features of an individual’s iris pattern. 

Worldcoin emphasizes that all these operations take place on the Orb; no images leave the device unless explicitly authorized by the person being scanned — see below for more on this. The iris code is encrypted and then sent to Worldcoin where it’s used to establish a user’s uniqueness, but not their identity.  Zero-Knowledge Proofs (ZKPs) are at the heart of the World ID system. The details are rather technical, but the privacy benefits are clear:

Whenever a user makes use of their World ID, ZKPs are used to prove they are a unique human. This means no third-party will ever know a user’s World ID or wallet public key, and in particular cannot track users across applications. It also guarantees that using World ID is not tied to any biometrical data or iris codes. When you want to prove you are a unique human, you should be able to do so without revealing any personal information about yourself.

Worldcoin’s Biometric Consent Form provides more details on how user privacy is protected. For example, Worldcoin says it will adhere to the EU’s GDPR standards for all users, even for those in locations where weaker privacy protection laws apply. Despite that commitment, EU data protection authorities in France and Germany are already investigating whether the use of sensitive biometric data is GDPR compliant. The UK is also conducting its own analyses of the approach. If it is found that the Worldcoin approach is not GDPR compliant, that could be a big problem for the project. The Kenyan government has already suspended the project over privacy concerns, pending further investigations to ascertain “the safety and protection of the data being harvested, and how the harvesters intend to use the data.”

During the current “Field Test” phase, users are encouraged to enable what Worldcoin calls Data Custody, which allows Worldcoin to retain the underlying biometric data generated by the Orb, and to send it to the EU and the US to train and improve its system. In addition, that data will be labeled “with the perceived and approximated gender, age range, and skin color to train on algorithmic fairness in light of the diversity in the world.” Those raise important red flags in the context of data protection. Worldcoin’s consent form mentions other privacy dangers that users may run by participating in a global system that makes use of subcontractors:

If the subcontractors were to illegally process your data without authorization, then it may be difficult to assert your privacy rights against that subcontractor.

It may be possible that your data will be subject to governmental access of officials and authorities. In those cases we have committed ourselves to challenge any invalid, overbroad, or unlawful governmental request to access in court. We further use advanced encryption to hinder unauthorized access.

There are also some broader problems. World ID normalizes the idea of biometric scanning, which will make it easier for governments and companies to demand it in other situations. Issues of inclusion are also a concern: not everyone can use iris scanning, for a variety of physical and medical reasons. If the World ID system becomes popular, this will need to be addressed. 

Worldcoin has some bold and interesting ideas, not least in terms of technology. These include a cryptocurrency that is freely shared around the world, with verified users able to claim one WLD token per week (currently 1 WLD is worth around $2), and potentially providing the 4 billion people worldwide with a digital identity that they currently lack. Nonetheless, there are still serious questions about how it will work in practice, and what the eventual risks to privacy might turn out to be.

Featured image by Worldcoin.