Proof of Personhood (PoP)

Proof of Personhood is the most crucial data point within the Didit ID framework. It establishes that a user is a real, unique human, which is essential for many use cases, such as secure transactions, voting systems, anti-fraud measures, and more.

A robust Proof of Personhood system must be inclusive, scalable, fraud-resistant, and tightly bound to the individual while maintaining privacy and security. Designing such a system presents significant challenges due to these stringent requirements.

Literature Review of Proof of Personhood Methods

Online Accounts

One of the most straightforward methods for establishing Proof of Personhood at scale is using existing accounts such as email, phone numbers, and social media profiles. However, this method has significant limitations: individuals can easily create multiple accounts on each platform, and these accounts are not inherently linked to a single person - they can be transferred, sold, or duplicated, undermining their reliability for Proof of Personhood.

Web of Trust

The "Web of Trust" model decentralizes identity verification by relying on mutual attestation among users. Traditional implementations, like PGP key signing parties, require in-person verification, whereas newer projects like Proof of Humanity utilize face photos and video chats to circumvent this requirement.

Despite these innovations, Web of Trust systems are susceptible to Sybil attacks, fraud, and human error, which can compromise their effectiveness.

Social Graph Analysis

Social graph analysis determines user authenticity based on their relationships within a network. While this method has potential, building a reliable social graph on a global scale is slow and challenging. It often depends on institutions like employers and universities, making it difficult to achieve the necessary fraud resistance for Proof of Personhood at scale.

Although social graph analysis currently does not meet these requirements, future advancements may enhance its effectiveness, especially when combined with other methods.

Biometrics

Biometrics provides a fundamental approach to verifying both humanness and uniqueness. They are universal, offering access irrespective of nationality, race, gender, or economic status.

Properly implemented biometric systems can be highly privacy-preserving and serve as a recovery mechanism for forgotten credentials. However, achieving global uniqueness through biometrics involves comparing new entries against billions of existing records, which requires high accuracy and robust fraud resistance to avoid incorrect rejections.

Moreover, the security and privacy implications of biometrics must be carefully managed, particularly with the rise of generative AI. We believe that the future of online identity verification will increasingly depend on strong cryptographic methods rather than biometrics alone.

Government ID Verification

Government ID verification stands out as one of the most reliable methods for establishing Proof of Personhood. This process typically requires proof of identity, such as a national ID, passport, or driver's license.

Although capable of globally deduplicating individuals, a significant portion of the global population lacks digital IDs that can be verified. For those with access to digital IDs, especially those embedded with NFC chips, this method offers the highest level of security and scalability.

When properly implemented, government ID verification can preserve privacy by allowing users to manage their data without exposing it to third parties. Techniques like NFC-readable IDs provide the most secure and scalable approach for performing Proof of Personhood online.

Didit's Approach to Proof of Personhood

Given the trade-offs of existing methods and the vision of Didit, we decided that the most scalable solution involves government ID verification at scale.

To address privacy and security concerns, we have developed our own state-of-the-art identity verification solution, ensuring that data is not shared with third parties and remains accessible only to the user.

Government ID verification enables a scalable Didit ID, allowing users to store other verified data such as name, date of birth, and country if they choose to do so. This approach makes the Didit ID the most powerful privacy-preserving digital identity, controlled solely by the user.

Recognizing the increasing sophistication of generative AI and the rising threat of fraud, Didit incorporates advanced cryptographic techniques in document verification through NFC chip reading. This ensures that the Didit solution is not only optimal for current requirements but also future-proof.

While government ID verification is highly effective, it excludes those without access to such IDs. To address this, we are exploring the integration of additional methods, such as social graph analysis and other verification techniques, to provide a high level of assurance for all users, even in the absence of a formal ID.

How It Works

To obtain the Proof of Personhood credential in their Didit ID, individuals must undergo a secure and privacy-preserving verification process using the Didit App. Developed from the ground up, Didit's identity verification solution ensures maximum security and privacy, now available within the Didit Protocol.

Document Verification: For documents without a valid chip, verification relies on document capture using multiple AI models to detect fraud, extract data, and structure it correctly. If the user's document contains a cryptographic chip with valid international certificates, the process includes NFC (Near Field Communication) verification. This adheres to the ICAO (International Civil Aviation Organization) standard, which involves reading Data Groups (DGs), verifying the document's authenticity, and confirming the validity of the certificates.

Biometric Verification: The biometric verification process employs various AI models to detect fraud, compare facial features, identify deepfakes, and ensure liveness. This robust system guarantees that the person presenting the document is indeed the rightful owner.

Degrees of Proof of Personhood in Didit ID

NFC-Based Proof of Personhood: This is the most secure form of verification due to the cryptographic elements involved in reading and verifying the document's chip. It provides a high level of security and trust.

Non-NFC Proof of Personhood: Although highly secure, this method does not involve cryptographic chip verification and relies on advanced AI models for document and biometric verification.

Conclusion

Proof of Personhood is essential for establishing a secure, unique, and verifiable digital identity.

Didit's innovative approach combines multiple verification techniques to create an inclusive, scalable, and fraud-resistant system that maintains user privacy and security.

By leveraging Government ID verification together with advanced document and biometric verification methods, Didit ensures that users can confidently prove their humanness and uniqueness, enabling a wide range of secure digital interactions.