QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD is a new kind of identity technology primitive that is • neuromorphically able to determine who someone is without having to know anything about the someone • heuristically check if the someone is a real human • neuromorphically estimate the age of the someone
QiD: Briefly…

Using the power of Neuromorphic Computing - an advanced AI which accurately simulates human cognition (how the human mind/brain naturally and instinctively recognises things) research scientists from aiQ Cognitive Technologies (ex University of Johannesburg - South Africa) developed a technology (code-named ‘QiD’) that is able to interpret ‘personal identity’ - that innate, immutable essence which uniquely defines who we each are, independently of the name we answer to or who some identity artefact (ID card, passport, driver’s licence…) says we are

QiD does what we as humans do very well each time we for example unexpectedly bump into someone we recognise but who we don’t actually know…

“I know you - I just don’t know your name!”

Similarly, QiD is able to ‘know’ someone without knowing anything about the someone

The only way to know who someone actually is, is not to rely on any form of user attestation or feature vector or derived biometric representation, but to ground identity in the unique distinctiveness of the human being behind the interaction instead

QiD: The Underlying Premises…

QiD is predicated on certain fundamental premises which state that, as humans:

  • we are each so much more than a few minutiae at the end of our fingertips or a few landmark features on a face;

  • we are each distinct from each other;

  • we are each uniquely different from each other;

  • we are who we each are

What distinguishes us from each other, is not the name we answer to or who some identity artefact (ID card/passport/driver’s license…) says we are, but ‘personal identity’ - that immutable, unique attribution which innately defines who we each are for life

QiD: What It Does…

QiD is a new identity primitive that is able to:

  • neuromorphically identify someone without having to know anything about the someone (IDCheck);

  • heuristically check if the someone is a real human (LiveCheck);

  • neuromorphically estimate the age of the someone (AgeCheck)

QiD generates a persistent, anonymous identity token (‘QiD ID’) without requiring onboarding or user registration or identity checks and without relying of identity credentials, documents, stored biometrics or personal data exposure

QiD: The Three Questions It Answers…

QiD answers three of the most urgent (and most difficult) questions of our time:

Who?

Who is someone?” - the ability to identify someone without having to know anything about the someone 

Real Human? 

Is the someone a real human?” and not a high resolution/photorealistic image or 4K video or deep fake representation of the someone…

Age?

What is the estimated age of the someone?” without relying on any artefact (eg birth certificate) or the someone’s own declaration

QiD: What It Introduces…

QiD is effectively able to:

  • identify a person without requiring any input from the person;

  • do away with all onboarding, registration and identity check protocols and procedures;

  • render redundant all identity artefacts (ID cards, passports, driver’s licenses…) that are easily counterfeited, as ‘proof’ of identity;

  • dispense with the need for login names, passwords, OTPs, One Time Codes, 2FAs, CAPTCHAs, SSOs… to confirm the identity of a person;

  • obviate the need for any self-attesting biometric measures

Being able to uniquely identify someone without having to know anything about the someone, sets QiD apart from and well ahead of conventional identity solutions…

QiD: How It Works…

Using an advanced proprietary algorithm, QiD neuromorphically interprets and expresses ‘personal identity’ as a large, complex, irreversible, de-identifiable ‘identity checksum’ (‘QiD Hash’) which immutably persists for life - a person’s own, unique QiD Hash is represented by a compact UUID (‘QiD ID’) - an innominate identifier that can be used as the key to identify a customer or an employee or a student or a patient or a citizen…

And it does it all in 3D space from a simple ‘selfie’ captured on any computing device - desktop computer, notebook, tablet or mobile phone (even low-end phones) equipped with a ~2MP camera in less than 3 seconds inside a browser at very low bandwidth overhead

QiD - a simple illustration...
QiD - a simple illustration...

As a representation of ‘personal identity’ - a person’s own/unique QiD Hash/QiD ID:

  • persists for life;

  • does not need to be recorded or remembered;

  • relieves a person from ever having to appeal to anything apart from himself/herself to prove who he/she is

Paradox Of Identity…

Regulatory requirements increasingly demand that services providers know exactly who their services users (customers/employees/students/patients/ citizens…) are, and if their users have been properly authorised to use their services

To establish identity and to determine use entitlements, services providers require that users disclose private information about themselves, all of which only tends to • impugn privacy sensibilities • create opportunities for identity theft and fraud • load users with the burden of having prove identity every time they use the provider’s service

This tension between assurance, privacy, trust and user convenience gives rise to the ‘paradox of identity’…

QiD resolves this paradox by separating identity from identification…

QiD enables services providers to • anonymously identify their users • determine if their users are real humans • tell if their users are age-authorised to use the service, all without requiring users to surrender private information and also while relieving users of all burden of proof

In this way, QiD enables effective enforcement without over-identification, reducing the risk of fr

Identity Theft/Fraud...

The problem of identity theft is a global phenomenon which, in spite of every countermeasure employed by private and public organisations to contain it, has nevertheless continued to escalate unchecked in the world…

"Identity theft is a global problem, growing exponentially at an alarming rate " - Gartner Inc.
Identity theft/fraus global statistics...
Identity theft/fraus global statistics...
QiD: Unique/ Special Features…

QiD: Unique/ Special Features…

QiD introduces several unique/special features which sets it apart from and well ahead of conventional identity solutions:

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

QiD: Measured Performance…

Registered subscribers are given access to a special QiD Dashboard that allows performance of the technology to be tracked in real time inside a desktop/mobile browser

QiD Dashboard makes performance analysis possible in real-time...
QiD Dashboard makes performance analysis possible in real-time...

Under the rigour of extensive synthetic as well as analytic stress testing over a trial period of +24 months, QiD identified individual subjects to these overall levels of confidence:

QiD test performance results
QiD test performance results
The User Experience (UX)…

While QiD employs an advanced (proprietary) neuromorphic algorithm in the back-end to interpret personal identity from a simple ‘selfie’ to compute a subject’s own, unique QiD Hash/QiD ID in 3D space, QiD nevertheless recognises that it is the user experience (UX) which ultimately determines the success of a technology 

To that end, user interface (UI) designers and consumer behaviourists collaborated to craft a user experience (uX) that is easy to the touch and intuitive to the senses…

QiD & ‘KYC Friction Cost’…

Every identity check insisted upon by services providers increases user friction, and KYC friction ineluctably induces a loss of customers who abandon the onboarding or authentication or purchase process out of frustration because of ‘KYC load’ 

Research has shown that the loss of customers during the onboarding and authentication processes is directly proportionate to KYC load:

QiD test performance results
QiD test performance results

Globally, the unaccounted loss of revenue from customers who abandon the enrolment or authentication or purchase process due to identity friction, is conservatively estimated to amount to a staggering $500 billion to $1 trillion annually 

QiD eliminates ‘KYC cost’ by collapsing enrolment, authentication, liveness, and age assurance into a single, anonymous, near-zero-friction interaction - preserving conversion without sacrificing trust

FAQs…

Here is a comprehensive list of answers to the most common questions re QiD…

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiognomic changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

What is ‘KYC cost’?

‘KYC cost’ represents the loss of future revenue to a services provider when consumers abandon the service only because they find the identity friction - the burden of having to prove who they are to the services provider when joining as a customer or when using the service - outweighs the benefits of the services offering

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiognomic changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

What is ‘KYC cost’?

‘KYC cost’ represents the loss of future revenue to a services provider when consumers abandon the service only because they find the identity friction - the burden of having to prove who they are to the services provider when joining as a customer or when using the service - outweighs the benefits of the services offering

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiognomic changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

What is ‘KYC cost’?

‘KYC cost’ represents the loss of future revenue to a services provider when consumers abandon the service only because they find the identity friction - the burden of having to prove who they are to the services provider when joining as a customer or when using the service - outweighs the benefits of the services offering

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

QiD-as-a-Service…

QiD can easily be integrated into an organisation’s own web/desktop/mobile app to issue a QiDaaS service request on demand through the ‘no code’ QiD API - the API workflow can briefly be illustrated like this:

QiDaaS API workflow illustration
QiDaaS API workflow illustration

A: A Subscriber client app initiates a QiD service request to the Subscriber’s own server • B: From a static IP address, the Subscriber server launches a secure QiD service request to the QiD API • C: The QiD API initiates a QID process • D: QiD seamlessly captures a ‘selfie’ of the subject inside the Subscriber’s own client web/desktop/mobile app • E: QiD neuromorphically computes the subject’s own unique ‘QiD Hash’/‘QiD ID’, heuristically determines if the subject is a real human (if requested) and neuromorphically estimates the age of the subject (if requested) • F: The QiD API securely returns the IDCheck, LiveCheck and AgeCheck results (if requested) to the Subscriber server via a Webhook • G: The Subscriber server notifies the Subscriber client app which takes the appropriate action (eg grants or denies the subject access to a web/app service)

All virtually instantly…

QiD Checks…

The QiDaaS makes it easy for a Subscriber web/desktop/mobile app to answer these identity questions: • “What is the user’s unique identifier (QiD ID)?” • “Is the user a real human?” • “What is the estimated age of the user?” by launching any one of these three checks:

QiD Check 01

QiD IDCheck

Anonymously identify someone

QiD Check 02

QiD LiveCheck

Anonymously identify someone

Check if the someone is an real human

QiD Check 03

QiD AgeCheck

Anonymously identify someone

Estimate the age of the someone

QiD: Live Demo App…

The following example of a mock Subscriber app launches a QiD AgeCheck to help the app decide decide whether or not to grant the user access to an age restricted service…

Touch the ‘QiD Demo’ button to launch the demo app inside a browser…

QiD demo app...
QiD demo app...
QiD demo app...
Contact…

Please contact us by email…

Send us an email...

Copyright - aiQ Cognitive Technologies (Pty) Ltd

About

Privacy Policy

Top