How Elon Musk Could Fight Twitter Spambots Using Phone-Centric Identity

Not since the meme-stock era has news of a Wall Street maneuver inspired as much interest from the public as Elon Musk’s offer to purchase Twitter for a mind-blowing $44 billion. Musk, one of the richest people in the world and a public relations mastermind, has transformed the business acquisition of a social media platform into somewhat of a spectacle. In a recent tweet, Musk caught the attention of the digital identity community and ratcheted up the drama once again by vowing to “defeat the spambots or die trying” should his bid for Twitter succeed. There’s been quite a conversation going about how Musk could successfully do this, and cryptographic authentication could be the most promising solution.

‍

What is Cryptographic Authentication?

‍

Cryptographic authentication (AKA key based authentication) allows relying parties (financial institutions, companies, and governments) to trust that the data asserted by users during authentication and verification events is actually true by leveraging cryptography as the source-of-truth. 

Cryptography refers to the science of writing or solving codes. Encryption, “the application of cryptography,” is “the process of converting plain text into a cipher, which can’t be figured out without a key.” Think of the phone number (more specifically, the unique serial number found on every SIM card) as the key used to unlock the encrypted data contained in Prove’s tokens. In fact, Prove is the world’s largest network of reusable identities, with over 740M keys bound to 175M reusable identities under management as of Q2 2022. 

‍

To prevent the spread of spambots, Musk will have to tackle a problem that’s even bigger than social media: synthetic identity fraud. Synthetic identity fraud, an expensive thorn in the side of the government, banks, and fintechs, takes place when fraudsters create accounts using a combination of stolen information from a real individual and fictitious information, creating a new so-called synthetic identity in the process. Because synthetic identities contain some element of truth, they are very difficult to flag as fraudulent.

‍

To prevent bots from creating synthetic accounts, Musk should consider expanding an already popular program: the verified badge. The verification badge (a blue checkmark) indicates that the user truly is who they claim to be. Currently, however, it’s limited to celebrities and other public figures. If Musk were able to expand this program so everybody could verify themselves as real people, bots would no longer be able to access the site. Verifying a user employs cryptographic authentication and a 3-step process that we call a PRO check: 

‍

1. Possession: Passwords rely on authenticating a user based on something that, in theory, only they should know. Unfortunately, for the reasons described above, this has major limitations. Prove solves this problem by authenticating users using something that the user possesses – a cell phone. Instant Link™, for example,  is a powerful and almost frictionless way to check for possession. 
2. Reputation: The rise of SIM Swaps makes checking the trustworthiness of a phone number absolutely critical. Phone numbers that have recently undergone a SIM Swap or other high-risk event will have a lower Trust Score® than a phone number with a long track record of successful authentications. Companies can then use the Trust Score to make wise decisions when it comes to authenticating or verifying a customer. 
3. Ownership: How do you prove that a phone number entered is actually owned by the user? That’s where the ownership check comes in. The ownership check measures how closely linked a user is with a phone number. This prevents bad actors from entering a stranger’s phone number while creating an account. 

‍

By leveraging something that most people have on hand at all times - mobile phones - Musk and Twitter would be able to verify users at scale,  improving the user experience for everyone by preventing synthetic identity and bots, and enabling new uses including payments.

‍‍

To learn more about Prove’s identity solutions and how to accelerate revenue while mitigating fraud, schedule a demo today.