Riley Hughes is the Co-founder and CEO of Trinsic, a reusable identity infrastructure provider. Riley educates and trains businesses on the benefits of using Trinsic to improve the identity verification processes within their products, improving privacy and the user experience.
As a pioneer in the decentralized identity community, Riley has spearheaded privacy-preserving technologies, such as identity wallets and verifiable credentials eligible to the masses. Before Trinsic, he honed his skills in the decentralized identity space as the second employee at the Sovrin Foundation — an international nonprofit that was established to administer the Governance Framework at the Sovrin Network.
Here’s a glimpse of what you’ll learn:
- Riley Hughes shares his career trajectory that led him to found Trinsic
- Riley expounds on self-sovereign identity
- How does decentralized and digital wallet ID enhance privacy?
- What information is needed to create a personal digital wallet?
- Common challenges in the reusable identity industry
- The impact AI has on the industry
In this episode…
It is a common experience to verify one’s identity online only to have the website fail to accept the provided identification. Additionally, many people are uncomfortable sharing their driver’s license and other forms of ID, as it contains personal information. With so many technological advances, why is proving one’s identity such an antiquated process?
These are the burning questions Riley Hughes had while working for the Sovrin Foundation, a Governance Framework administrator, so he was inspired to develop decentralized identity products such as digital wallets and verifiable credentials. Digital wallets are convenient and secure methods to store payment information on mobile devices, including bank information and debit and credit cards. Like digital wallets, verifiable credentials digitally store information found on physical documents such as driver’s licenses, passports, birth certificates, employee IDs, and educational certificates and can be cryptographically verified. These self-sovereign methods give individuals complete autonomy over their data and allow them to control how it’s shared.
Join Jodi and Justin Daniels in today’s episode of the She Said Privacy/He Said Security Podcast, as they welcome Riley Hughes, Co-founder and CEO of Trinsic, to discuss decentralized identity. Riley expounds on self-sovereign identity, how decentralized identity enhances privacy, and how AI impacts the reusable identity infrastructure.
Resources Mentioned in this episode
- Jodi Daniels on LinkedIn
- Justin Daniels on LinkedIn
- Red Clover Advisors’ website
- Red Clover Advisors on LinkedIn
- Red Clover Advisors on Facebook
- Red Clover Advisors’ email: email@example.com
- Data Reimagined: Building Trust One Byte at a Time by Jodi and Justin Daniels
- Riley Hughes on LinkedIn | Twitter
- Email Riley Hughes: firstname.lastname@example.org
- The Future of Identity Podcast
- Blockchain Is the Least Interesting Thing About Self-Sovereign Identity by Riley Hughes
Sponsor for this episode…
This episode is brought to you by Red Clover Advisors.
Red Clover Advisors uses data privacy to transform the way that companies do business together and create a future where there is greater trust between companies and consumers.
Founded by Jodi Daniels, Red Clover Advisors helps companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. They work with companies in a variety of fields, including technology, e-commerce, professional services, and digital media.
To learn more, and to check out their Wall Street Journal best-selling book, Data Reimagined: Building Trust One Byte At a Time, visit www.redcloveradvisors.com.
Welcome to the She Said Privacy/He Said Security Podcast. Like any good marriage we will debate, evaluate, and sometimes quarrel about how privacy and security impact business in the 21st century.
Jodi Daniels 0:22
Hi, Jodi Daniels here. I’m the Founder and CEO of Red Clover Advisors, a certified women’s privacy consultancy. I’m a privacy consultant and certified informational privacy professional, providing practical privacy advice to overwhelmed companies and I am joined today by someone who does not know how to use this microphone.
Justin Daniels 0:40
Hi, I’m someone who doesn’t know how to use a microphone or Jodi’s sidekick Justin Daniels. I am a equity partner at the law firm Baker Donelson, and I am passionate about helping companies solve complex cyber and privacy challenges during the lifecycle of their business. I am the cyber quarterback helping clients design and implement cyber plans as well as help them manage and recover from data breaches.
Jodi Daniels 1:06
And this episode is brought to you by Red Clover Advisors. We help companies to comply with data privacy laws and establish customer trust so that they can grow and nurture integrity. We work with companies in a variety of fields, including technology, ecommerce, professional services, and digital media. In short, we use data privacy to transform the way companies do business together. We’re creating a future where there’s greater trust between companies and consumers. To learn more, and check out our best selling book Data Reimagined: Building Trust One Byte at a Time, visit redcloveradvisors.com. You’re very giddy this morning.
Justin Daniels 1:43
Yes, did you have like shadow espressos? I
Jodi Daniels 1:45
just had a regular old cup of coffee.
Justin Daniels 1:48
Okay. Well, today, we have a very interesting guests and a really thought provoking topic today. So I’m going to introduce Riley Hughes, who is the CEO and Co-founder of Trinsic, a reusable identity infrastructure provider. In his role, Riley helps businesses use Trinsic to help improve the identity verification processes within their products, so user experience and privacy and proven increase, respectively. As a leader in the decentralized identity community, Riley has pioneered efforts on making emerging privacy preserving technologies such as identity wallets and verifiable credentials adoptable to the masses. He began his career in the decentralized identity space as the second employee hired in the sovereign foundation where he established and led several teams. Riley, welcome. How are you today?
Riley Hughes 2:45
Thanks a lot for having me. I am feeling good. I’m this is already one of the most fun podcasts I’ve ever been on. It’s a pleasure. We’ve just gotten started. Yeah.
Jodi Daniels 2:54
Well, we do try and make it fun and entertaining. So we always like to start with understanding how people got to where they are today. So can you walk us through your career journey to this point?
Riley Hughes 3:05
Absolutely, I so little about me, I hail from a rural spot in, in Idaho. And I ended up in college, I was the first first person in my family to go to college. And about my junior year, I noticed that all the kind of ambitious smart people that I sort of, you know, peers of mine that I looked up to, were going and working at companies I’d never heard of like McKinsey, and Credit Suisse, and all these all these, you know, consulting and banking and other types of kind of firms. And I wanted to, you know, I thought, Oh, I guess that’s what the ambitious people do, I want to go do that as well. And so I found out that you kind of had to, you know, have a pretty good resume to get even get an interview at a lot of those places. And so, I set out to differentiate my resume as best I could. And I did that by trying to find the most off the wall job that I could, which was how I landed at Sovrin Foundation, as you alluded to, in my in my bio. Sovrin was an early blockchain meets identity, nonprofit. And as as mentioned, I was an early employee. So it was sort of a perfect cocktail of, you know, differentiating factors, that that, you know, I was happy to, to have. So I started there, and quickly realized that there are a lot of problems to be solved in digital identity today. I just thought it was amazing. We’re like sending people to outer space. We’re editing genes. We’re getting like dangerously close to artificial general intelligence and, and we’re doing all kinds of amazing things with science and technology. And yet, the cutting edge of proving identity on the internet was still taking photographs of plastic cards and, and selfies. And it’s just like, clearly the future of identity is going to be better. Are them today. And so, you know, when I was at solver and I decided to continue down this path, I did not end up going to recruit for any of those, any of those other companies, although all my friends that those companies are, you know, seem to be doing quite well. But here I am. Here in the identity space, I’m trying to still trying to solve some problems in this space. So I was at Sovrin for a couple of years. And then my co-founders, and I started Trinsic about four years ago,
Jodi Daniels 5:29
I can relate to the whole selfie thing, I will not name the company, but there’s a particular company where I have to have a loaded and it won’t work it, they won’t take the number, even though that’s the number that’s supposed to happen. And so to try and reset the whole account, upload this video, and they don’t like that either. And so I’m literally stuck, I can’t do anything and their identification features are not working so well. Why are you looking at me strangely, I did not tell you that story. It is true, it is a very true story. And I am blocked from this particular company’s account. And it’s very frustrating, because I’ve done all the things I’m supposed to do.
Riley Hughes 6:10
And it’s happened to me once when I was on vacation, I needed to I needed to get into something quickly for purposes of travel and whatever else. And because I was maybe I was overseas that thought that, you know, I was suspicious. And I was locked out of my stuff. Because I didn’t have an international plan. I couldn’t get it away. And all these all these problems surfaced. And I was I was locked out. I was just out of luck.
Jodi Daniels 6:31
Yep, they are real problems.
Justin Daniels 6:35
So now I want to kind of set up in preparation for our broadcast today, I had a chance to read Riley’s article in 2020 Medium, and it was talking about self-sovereign identity. And you talked about concepts around being able to reuse it easily, but also having it be privacy-preserving, but not always having to rely on say, in our case, the Georgia DMV for our driver’s license. So I wonder if you could talk a little bit more about the thinking behind that particular paper, which seemed to lead directly to some of the Trinsic products that
Riley Hughes 7:12
you have. Yeah. So I believe the post you’re referring to is called something like Blockchain Is the Least Interesting Thing About Self-Sovereign Identity. And I titled it that way, because at the time, Blockchain, like the concept and a lot of the people and talent and everything behind the self-sovereign identity world, were coming from the blockchain space. And that’s sort of what reignited the interest in identity, I think, in many ways was people saw the success of cryptocurrencies and NF T’s and other blockchain-type things. And they thought, you know, could this help with identity somehow? And? And I think the short answer is, yeah, yeah, it can. But that’s really not the exciting thing about self-sovereign identity. And so then I went on to explain what I think are the really cool things about it, which I think, you know, the main thing is just having a standardized way to prove things about yourself. That is, really, I think, what the key unlock is, so about four years ago, in 2019, the W3C, which is the World Wide Web Consortium, it’s it’s a big standards body that standardizes a lot of things on the internet, including the URL format, and, you know, HTML and all kinds of other Internet standards. It sort of formed the verifiable credential data model, which is a key component of self-sovereign identity systems, and it can be used in concert with Blockchain or not. But anyway, happy to dive deeper into into all of that. But hopefully, that’s a helpful, helpful intro.
Justin Daniels 8:55
Well, I think what was interesting is I never thought about this is I’ll use Jodi, for example. So you can look at her and she has certain intrinsic qualities, there’s, you know, female, brown hair, brown eyes. And yet there are certain, like, extrinsic qualities to her that, you know, you identify Jody by her driver’s license, and those two things are kind of different. And trying to figure out in this day and age of identity access management and how you identify people, it was just interesting to kind of think through things that may to Jodi intrinsically identify who she is what she believes in her values versus some of these extrinsic things that you can objectively observe about people but don’t really tell the whole story about their identity.
Riley Hughes 9:44
Yeah, yeah, there’s kind of, you know, we identify in all kinds of different ways and it’s, it’s interesting, I can be in you know, with my company, and team and I am in a certain context and then I go to a community organization or my neighborhood or or something like that, and I’m in a completely different context, right? People treat me differently or something like that. And it’s, it’s interesting how, how that works. And it’s, you know, we identify ourselves in all kinds of ways. And then the world, we also have to interact with others and in the world, and the world identifies us in ways as well. And so that that dichotomy that you talked about the intrinsic identity and extrinsic identity, is how we landed on the Trinsic name, you know, which is the name of our of our company, it’s sort of the common denominator between the two. And while we have big ambitions for what we think we can do across that spectrum, I think where we started is trying to improve the extrinsic identity portion of that, because as I alluded to earlier, it’s kind of remarkable how far behind digital identity is behind so many other things. If you want to prove that, that, that you really are who you say you are, or prove something about yourself like that you got a degree from a certain university, or that you, you know, a couple years ago, got the COVID shot so that you should be able to travel or, or whatnot. How do you actually go about doing that? It’s not obvious how you would do that. So that’s, that’s the problem that we are trying to solve.
Jodi Daniels 11:10
So can you share a little bit more about the value proposition behind Trinsic and how you’re approaching solving these types of problems?
Riley Hughes 11:20
Yeah, well, if you think about how this, these problems are solved in the real world, basically, we all have a leather pouch that we carry around, called a wallet, and we put cards and credentials inside of it, which are really attestations that are given to us by some trusted party. So when I go to the airport, and I want to fly, I walk up to the agent and hand them out plastic card, called a driver’s license, they do not trust that thing, because because it’s me handing it to them. They trust it, because it was the DMV that gave it to me, right? They trust the DMV, they don’t trust me. And the only reason that it works is because it has a little, you know, biometric device called a photo on it. And they can use their eyes to match the photo with my face. And, you know, let me through. So this is the way the real world works. If we need to establish trust quickly with somebody that we don’t know, which happens all the time, in our world of impersonal markets, we we need to rely on something that we both do trust, and the driver’s license has become that thing, largely in the United States. But But of course, there are other ways. So this is how the real world works. And we’re sort of taking the model that works in the real world, and applying it to the digital world. So in our world, we have a couple of concepts. One is a digital identity wallet. That is where you store your information and your credentials. The other one is verifiable credentials, which I alluded to earlier, it’s a standardized data model for representing attributes about you in a way that that you can share with anybody and that anybody concerned of authenticate its source that you can tell it hasn’t been tampered with, you can tell who issued it, you can tell it hasn’t been revoked, etc. And so when you have these two concepts, a verifiable credential, and an identity wallet, you can start to amass a pretty strong identity about you and and establish a high degree of trust with people very quickly, online in a way that really hasn’t been possible. Previously.
Justin Daniels 13:29
Yes, that makes sense. It makes sense to me. I guess what’s interesting, Jody, that I hadn’t thought about that Riley brings up is privacy is really all about the information that you get to share, because implicit I think, Riley and what you’re saying is, is if I can show someone, my digital ID that’s verifiable, but they don’t need to read my name, address and see all of this other information that maybe I would prefer not to disclose. That seems to me where we start to get it how decentralized ID and a digital wallet could be privacy enhancing?
Riley Hughes 14:10
Yeah, yeah. Yeah. I think there’s really two ways that I think about it. The first is the easiest to understand. And it’s kind of what you alluded to, which is, we call it selective disclosure, or zero knowledge proofs, or, you know, we have all these fancy names for it, but really, it’s just giving you what you need to know and nothing more. Right. It’s like, I go to a bar, and I want to get into the bar, unfortunately, although I’ve got a couple kids and I’m approaching 30 now, nobody ever believed I still always be my ID, because I anyway, but uh, I forgot my ID once when when I was with my Co-founder on his birthday, and it was a buzzkill. So that’s why I bring that up. But, um, but, you know, I don’t I shouldn’t need to give them my you know, the bouncer at the bar, my home address. And my weight, and my driver’s license number and all these things about me, right? They really, they need to know that I’m over 21 They don’t even need to know my birth date, right. So what I should be able to do and what we enable and what verifiable credentials enable is for you to selectively disclose only that which the relying party needs to know, and nothing more. And that is a big win for privacy. So you know, think you just walk up and prove I’m over 21, you don’t get my birthdate or I live in your voter precinct elected official. You know, I don’t necessarily need to divulge everything about me, but I live in your voter precinct. So you should listen to my opinion, right? Or, or, you know, there’s a handful of these kinds of use cases where you could imagine only divulging what’s needed for the interaction. And you know, I have been KYC. But you don’t need to know everything about me. Or I have a credit score of above 700, or I have whatever an income of above a certain amount. And so that’s the first way that preserves privacy, like the second way is a little more technical, but it’s what we call non correlating proofs. And it’s where when I prove something about myself, I’m proving it in a way where there are no correlate edible identifiers inherent in the proof that I’m giving. And, and, and this is this, this is important, because if I prove, you know, about one thing with party, a, and I prove a different set of information with party B, suppose the the bars in my town are all evil and conspiring against me and I prove, you know, half of my information with Barwon. And the other half with Barr to, if they want to get together behind the scenes, and try to correlate me he’s what we call it, they could get a full picture of me if they wanted to, even though I originally intended to only each give, each of them have a picture of me. And that’s what privacy is right privacy is sharing what you want to share with with a given party. And if they can go behind your back and sort of correlate you in aggregate and build a full profile of you when that’s not what you intended. That’s the sort of way to get around. The privacy that you originally intended to establish. And so when you can prove things about yourself, without including any way for people to correlate those things about you behind your back, you can you can maintain much better privacy with each party individually.
Jodi Daniels 17:21
So hope that helps. What is the starting point for someone creating this digital wallet? In other words, what kind of information do you do you receive? And how do you obtain it to be able to create Jodi’s digital identity? And you know, what Justin would have on his side?
Riley Hughes 17:41
Yeah, soour company is a an infrastructure company. So we provide for companies that are building digital identity wallets, we provide them all the tools that they need, or if they are incorporating verifiable credentials, somehow, we provide them all the tools that they need to be able to do that. So we don’t actually offer consumer products ourselves. And so Jodi, the answer your question is, it really depends on the use case. There are, you know, one of our customers is building in the, in the consumer space with, like ticketing and events and things like that. And the identity assurance level required for ticketing is is, you know, only a certain amount. And so the onboarding required for that wallet is, is what it is another customer is building a medical staff passport. So it’s a way for doctors to prove their credentials, so that they can go in between hospitals and clinics and continue to practice seamlessly without having to go through you know, two weeks of credentialing. That assurance level is much higher, because it’s, you know, potentially your surgeon coming in and and, and doing, you know, medical work on you. And so the the level of assurance there actually requires an authentication of a government issued document before they can even get their doctor’s license and all of those things. And then when they present their credentials, they’re proving I’ve got my, you know, medical license, but I also have authenticated government ID and the all the names match and everything like that, right. And that’s very different from another customer of ours, which is an automobile manufacturer trying to figure out how does a self driving car prove that it has insurance? When there’s no, you know, if a police officer pulls all the self driving car over, how does it How does it prove things about itself, given there’s nobody to fish documents out of the glove compartment here, I mean, the car needs to have an identity wallet, with, you know, its attributes and attestations in it that it can use to prove its attributes, you know, cross state borders, you know, cross country borders, if you’re in Europe, etc, etc. So, these are all very different use cases. They all require different levels of assurance and different kinds of information for onboarding. And so yeah, I hope that helps. Sure.
Justin Daniels 19:58
Thank you. So I think you just gave a good example of how you can aid and make things more secure and reusable. Because I guess, in your case with the decentralization component of what you’re doing, because when you said correlation earlier, I use that to mean connect the dots, meaning the two different bars can’t use their disparate information to then connect dots and create a very detailed profile of Jodi. So similarly, it sounds like where this really becomes helpful from a security perspective is, with what you’re doing, that doctor doesn’t have to keep sharing very personal information about their license, their government issued ID, they’re just able to flash something that has been pre authorized, that the hospital can rely on IE their identity to allow them in. And I guess it sounds to me, like there’s a really helpful security component, all that because now the doctor’s credentials, and all that information isn’t sitting in some literal dusty file, because we’re talking about healthcare in multiple places. So can you elaborate a little bit about
Riley Hughes 21:03
that? Yeah, when you get your if, you know, like, imagine you’re applying for housing, and you’re applying for 15 different apartments or something, if you need to submit your social security number to each of those, so that they can each check your credit. You know, that’s just for one interaction in your life for maybe a week long period, as you’re applying to lots of places. Next, you’re going to apply, apply for jobs. And guess what, you’re going to share a whole bunch of information there. Next, you’re gonna go, you know, whatever you’re going to do. Throughout our life, we’re constantly sharing things about ourselves with parties. And because we don’t have a good way to just prove things directly, we have to give a whole bunch of information to everybody, so that they can then go to companies that aggregate a bunch of info about us behind our back to get the info that they need. And so it’s just a big mess, right now, imagine how many databases around the internet contain your date of birth. I don’t know, just as an example, right? Like, it’s probably hundreds, and only one of those databases needs to get breached, for your information to be compromised. When the Equifax breach happened. I mean, my stuff is just I mean, I’m just, I’m just out of luck there. Right. So that is, that is the current model, like that’s just the current security model of, of the internet, if you can have a centralized place where you keep all of your information that’s been pre verified. The idea is that hopefully, in the future, you can go to these interactions and you can, you can, again, prove only what’s needed. And nothing more. And a lot of times, if it’s if it’s verifiable, cryptographically, verifiable from an authentic source that is trustworthy, then we can ended up sharing a whole lot less information about ourselves for some of these transactions that we currently do.
Jodi Daniels 22:50
It is very interesting to think about how much data you get places, and my favorite is the place that asks you to complete it online, then you get there. And they want you to complete the same information on yet paper that they match up, they’ll ask for all kinds of information, and they don’t actually need half of it. So if you just leave it mostly blank, they typically don’t yell at you. Anyways. It really interesting to see how much information is is here, what you’ve talked a little bit about some of the use cases that your customers are seeing. I’m curious, if you kind of look ahead, what are some of the challenges that you see the industry needing to solve for for this to be fairly widely adopted, that we’re going to be able to stop filling out all these annoying pieces of paper or third party applications that want our stuff all over the place? Yeah,
Riley Hughes 23:47
I think the key unlock here is the user experience needs to be much better. You know, we three hear talking on this podcast will probably be likely candidates to want to opt in for better privacy, a better privacy preserving a product. But I think that what we’ve learned with most consumers is they want things that are easy and fast. And, and and while they care about privacy. Generally, the you know, it’s not something they care about enough to trade very much for. Right. And so, you know, in the case that you described, like, scenario one is providing a photo of an ID, a social security number and a whole bunch of information for apartment that you’re applying to, for example. You know, you when you compare that against another proposed user experience where the user needs to get redirected out to a third party app store, download a new app that they’ve never heard of, and throw all the information in this new app that they’ve heard of, and then use that new app in the rest whole process, like like, if you already have all that information, if you already have a verifiable credential, then it’s really, you know, seamless, it’s almost think of it this way, if you already have a credit card, you go to an online store, and it’s fairly seamless to enter your credit card information and get through. But imagine if you get to the online store, and they say you need to apply for a credit card before you can get through. That would be a pretty hard user experience to swallow for an E commerce brand. And so there’s an interesting chicken and egg problem as it relates to identity wallets, verifiable credentials, etc. Where, you know, this is obviously a better user experience, it’s obviously better for privacy, once someone already has an identity wallet and a verified and verified credentials, but if they don’t already have it, then how do you get them to get it and so that they can actually use it. And you know, there’s, there’s this sort of chicken egg problem. And this is what a lot of what we are focused on at at our company are building products that are really adoptable, really seamless and streamlined and feel to the user. Like they’re embedded in the experiences they’re already using. Maybe they don’t even know they have an identity wallet or verifiable credentials. But they still get the benefits of it of that reusability and streamlined experience going forward. So. So yeah, hopefully that helps. I think the answer is as good user experiences, particularly for that first onboarding step of a user
Jodi Daniels 26:25
that makes sense could use your experiences apply in so many different areas of a customer’s journey site. I think that makes a lot of sense here, too. So,
Justin Daniels 26:37
Riley earlier, we were talking about 2020 in your article, and blockchain was all of the rage. Now that we’re sitting here today, in August of 2023, we’ll just replace the word blockchain with AI. That’s the sexiest thing going right now. And so I was just curious, from your perspective, as we sit today, how do you view AI potentially impacting how your industry works? And how you might go to market with some of your products?
Riley Hughes 27:10
Yeah, yeah, maybe I should write another blog post with that with the buzzword.
Jodi Daniels 27:15
Riley Hughes 27:19
Yeah, AI is big. And I think although blockchain was a big rage for a little while there, and you know, I don’t know, I think I think AI is really, I mean, I use AI every day, in a way that I definitely did not use blockchain everyday before. So this, this feels like it has a little bit more staying power. It also feels like because it’s something I use every day, there are more, there are a lot of areas where where this applies. The two big areas, the two ways we think about it are the first one is content authenticity. How do you know the person calling you is really the person that they are and not, you know, deep fake voice and a spoofed phone number? Right? That’s a hard problem to solve. And we’re working with some some customers in the telco space to try to solve that. How do you know that an image that you’re seeing online was actually taken with a camera and not, you know, generated by by an AI. That’s another thing that we’re working with some very large sort of corporations on, how do they solve this, it all comes back to, you know, the same, the same, a lot of the same concepts that we talked about with personal identity, where you have attributes about yourself, which are attested by some trusted source, and they’re cryptographically signed, so that you can then share them with somebody else. And, and that same model can apply for something even like an image, right, you can sort of include some metadata in the image, you can cryptographically sign it, such that anybody else who wants to verify whether the image is true, can see that it came from a trusted source and that the information all matches right. And so those are some some big areas that content authenticity right now on the web is a big area of interest for for a lot of people and we’re spending a lot of time in the other one that we talked about are empowered agents. How like, you know, we hear people talking about like, oh, this, we’re gonna make this AI bot that can book you a flight. And it’s like, well, if you want this AI bot to book me a flight, it’s going to need to know a lot of things about me. It’s going to need to know my payment information, my name and passport information, potentially it’s going to be maybe it’s going to be my credentials to my delta login or something like this. And I don’t know am I just going to like, insert all of that directly into the prompt. Ai please go book me a flight to whatever whatever and by the way, here’s my password. Here’s my passport information. Here’s my credit card. Not like like, of course not. That’s I mean, that’s that’s that’s, I hope not. I sure hope not. Not only Is that not a good user experience, but it is probably, you know, let’s hope that that AI bot doesn’t go rogue and, you know, whatever, or leak any information or something. And so we’re working on ways to enable you to delegate access to certain information to, to to AI bots, as well as using some fancy kind of encryption technology to make it so that an AI bot can share information about you that only the counterparty can can see. But the AI bot doesn’t ever know how to decrypt, right, because, and so it’s sort of invisible to the middleman. I shouldn’t say middleman, the middle bot maybe. But that is, you know, verifiable to the to the counterparty. So those are probably the two big ways that we’re thinking about AI and how it relates to what we’re doing.
Jodi Daniels 30:52
I think trying to solve for the deep fake is incredibly important. When I think about AI that is probably one of the pieces that scares me the most just from a societal point of view, and how you know what’s real and not real. And I think that’s a really significant challenge to be able to surpass. With all that you know, about how companies are collecting data and and how many times you are having to enter this type of personal information. We always like to ask everyone, what is your best personal privacy tip that you would offer at the moment?
Riley Hughes 31:26
Wow, this is a, this is a great question. I think maybe the first answer here is just, there’s a lot of things that I take for granted where I’m like, geez, I don’t know what I would say here that, that everyone’s not already doing. But then I meet someone who lives down the road who doesn’t keep a password or a lock on their phone at all right? It’s just like, they’re like, Oh, the face ID is kind of annoying, cuz I have to wait a sec before I can unlock my phone. So it’s just unlocked and decrypted always? Or something. Right. And it’s like, I don’t know. So I think I think the first answer is just all all of the things that we all probably know we ought to be doing that we’re not doing in terms of security. You know, if you ever reuse a password anywhere, if you ever, sort of use a I don’t know, use certain browser settings, certain cookie, you know, just click through the cookie, accept the cookies, whatever. Like, some of these things really do impact how much you’re tracked, correlated. And, and and disclosing on the web. And so I guess that’s the that’s the first thing. The other thing is I use a browser called Brave. That is the basically the same thing as Google Chrome. But it just doesn’t have all of Google’s trackers in it. And it sort of tracks over time how much you, you You did tells you how many trackers, it’s blocked over time. And I logged it. Alright, I opened it the other day. And I realized that I had blocked over 750,000 trackers over the whatever period of you know, couple years I’ve been using it or something like that. And I add, I didn’t know, I was blocked that number out. I don’t remember, like, look at it really, it didn’t really mind too much. But when I saw the 750,000 trackers that were blocked, just reminded me like we really like there’s a lot more tracking going on. And I think a lot of people realize and that there are some pretty easy ways to improve your privacy without compromising on your your experience throughout the web at all. So I don’t know, this is maybe a little bit prescriptive. But if you’re using Google Chrome, I really don’t see a reason not to switch to brave.
Jodi Daniels 33:37
Good advice. And we love actually when people share advice that others have shared as well because people have to hear it multiple times different audience members will hear this so I imagine the same is true when you’re talking to people Excellent, great tips.
Justin Daniels 33:52
So Riley when you’re not figuring out identity access management digitally What do you like to do for fun?
Riley Hughes 34:06
My life right now you know, life goes in phases, right? There’s a time and a place for all different kinds of things in life and right now my life is startup and Kitts. I have a three year old and a one year old. And so when I am not working on identity, I am playing with those kids. That is that is the most likely scenario is you know, I think I will get to do some hobbies and some other things for myself you know, down the road when things aren’t quite as intense. But But yeah, that’s that’s the life right now. And I sure do love it being a dad is a lot of fun.
Jodi Daniels 34:41
And then you blink and then they’re old and you kind of look back and think how did that happen? I Yeah, that’s a whole nother conversation. We’re not going to go up. We need to get you some tissue my we’re going into my I might need some tissues. Our kids are getting older and it makes me sad. So I’m in other news, Riley, this has been really fun if people would like to learn more about you and Trinsic, and the great work that you’re doing, where should they go?
Riley Hughes 35:12
Yeah, well, first of all, if the kind of stuff that I’ve been talking about is interesting, I do a podcast as well called The Future of Identity Podcast, where I talk to people who have launched products out in the market, which incorporate verifiable credentials and identity wallets and some of the things we’ve talked about here. So encourage you to check that out if this topics interesting. I am on Twitter, or I guess it’s now called X. So I guess I’m on X. Is that a thing now?
Jodi Daniels 35:45
That I think Twitter in most people’s eyes?
Riley Hughes 35:48
Yeah, well, I’m on that social media at Riley P. Hughes. I’m on LinkedIn. You can find me probably if you search my name, and then you can email me at email@example.com. And of course, check out our website trinsic.id. If you know, you’re interested in exploring how you might use verifiable credentials in in your business.
Jodi Daniels 36:12
Wonderful. Well, thank you so much. We’ll be sure to include those in the show notes. And we really appreciate you stopping by.
Riley Hughes 36:18
All right, thanks a lot. Appreciate it.
Thanks for listening to the She Said Privacy/He Said Security Podcast. If you haven’t already, be sure to click subscribe to get future episodes and check us out on LinkedIn. See you next time.