QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD: ANONYMOUS NEUROMORPHIC IDENTITY TECHNOLOGY
QiD is a revolutionary new kind of identity technology that is able to • identify a person anonymously • check if the person is a real human • estimate the age of the person, all without having to know anything about the person
QiD: The Basic Premise…

As a technology, QiD is predicated on certain fundamental premises - as humans:

  • we are each distinct from each other;

  • we are each uniquely different from each other;

  • we are who we each are

What distinguishes us from each other, is not the name we answer to or who some identity artefact (ID card/passport/driver’s license…) says we are, but ‘personal identity’ - that immutable, unique attribution which innately defines who we each are

QiD: A Brief Intro…

Using the power of Neuromorphic Computing - an advanced AI which accurately simulates human cognition - how the human mind/brain is naturally and instinctively able to recognise things - research scientists from aiQ Cognitive Technologies (ex University of Johannesburg - South Africa) have successfully been able to develop a technology - code-named ‘QiD’ - that is able to interpret ‘personal identity’ and algorithmically express it as a special ‘identity checksum’ (‘QiD Hash’) which uniquely identifies each of us for life

QiD does what we as humans do very well each time we for example unexpectedly bump into someone we recognise but who we don’t actually know…

“I know you - I just don’t know your name!”

Similarly, QiD is able to identify someone without having to know anything about the someone

QiD: What It Does…

Having figured out how to interpret ‘personal identity’, QiD was developed as an identity technology that is able to:

  • identify a person anonymously;

  • check if the person is a real human;

  • estimate the age of the person

QiD: The Three Questions It Answers…

QiD neuromorphically answers three of the most urgent (and most difficult) questions of our time:

Who?

Who is someone?” - the ability to identify someone without having to know anything about the someone 

Real Human? 

Is the someone a real human and not a high res/photorealistic image or 4K video or deep fake representation of the person?” at two levels designed to balance confidence with user experience (UX):

・Lo Livecheck: Moderate confidence/High UX

・Hi Livecheck: High confidence/Moderate UX

Age?

What is the estimated age of the someone?” without relying on any artefact (eg birth certificate) or the someone’s own declaration

QiD: What It Translates Into…

QiD promises to disrupt and radically transform identity beyond and well ahead of existing solutions - typical real-world deployments can briefly be illustrated like this:

QiD: How It Works…

From a single ‘selfie’ captured on any computing device - desktop computer, notebook, tablet or mobile phone (even low-end phones) equipped with a ~2MP camera in less than 3 seconds inside a browser at very low bandwidth overhead, QiD neuromorphically interprets ‘personal identity’ - that immutable, innate attribution which uniquely defines who we each are

In 3D space, QiD algorithmically expresses ‘personal identity’ as a large, complex, irreversible, de-identifiable ‘identity checksum’ (‘QiD Hash’) - a stable 512-alpha/numeric character string which uniquely identifies each individual for life

A person’s QiD Hash is assigned a permanent/unique 128-bit UUID (‘QiD ID’) that can be used as the reference key to record a customer or an employee or a student or a patient or a citizen…

QiD - a simple illustration...
QiD - a simple illustration...

As a representation of ‘personal identity’ - a person’s own/unique QiD Hash/QiD ID:

  • persists for life;

  • does not need to be recorded or remembered;

  • relieves a person from ever having to appeal to anything apart from himself/herself to prove who he/she is

Your Own
QiD Hash/QiD ID…

Discover your own unique QiD Hash/QiD ID by launching this live demo inside a browser on a mobile ‘phone:

Your own/unique Qid Hash/QiD ID...
Paradox Of Identity…

Regulatory requirements increasingly demand that services providers know exactly who their services users (customers/employees/students/patients/ citizens…) are, and if their users have been properly authorised to use their services

To establish identity and to determine use entitlements, services providers require that users disclose private information about themselves, all of which only tends to • impugn privacy sensibilities • create opportunities for identity theft and fraud • load users with the burden of having prove identity every time they use the provider’s service

This tension between assurance, privacy, trust and user convenience gives rise to the ‘paradox of identity’…

QiD resolves this paradox by separating identity from identification…

QiD enables services providers to • anonymously identify their users • determine if their users are real humans • tell if their users are age-authorised to use the service, all without requiring users to surrender private information and also while relieving users of all burden of proof

In this way, QiD enables effective enforcement without over-identification, reducing the risk of fr

Identity Theft/Fraud...

The problem of identity theft is a global phenomenon which, in spite of every countermeasure employed by private and public organisations to contain it, has nevertheless continued to escalate unchecked in the world…

"Identity theft is a global problem, growing exponentially at an alarming rate " - Gartner Inc.
Identity theft/fraus global statistics...
Identity theft/fraus global statistics...

The most effective response to identity theft and fraud is not stronger secrets or more barriers, but abandoning secrets altogether by grounding identity in the unique distinctiveness of the human being behind the interaction instead

QiD: Unique/ Special Features…

QiD: Unique/ Special Features…

QiD introduces several unique/special features which sets it apart from and well ahead of conventional identity solutions:

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

01

IDENTITY THEFT/FRAUD

Because QiD is able to anonymously identify a person without relying on a person’s own claim to identity, the technology structurally mitigates against identity impersonation via compromised identity credentials or documents

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

02

NO ONBOARDING/NO REGISTRATION/NO ID CHECK

Being able to identify a person is without having to know anything about the person, QiD does not require a customer, and employee, a student, a patient, a citizen… to be onboarded or enrolled or registered or reference checked before a user can be granted access to a system, a service, a facility, a right, a privilege…

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

03

CREDENTIAL-FREE ACCESS

QiD removes the need for login names, passwords, PINs, one-time codes, 2FA workflows, CAPTCHAs and similar access mechanisms that depend on something a user must remember, possess or present Instead of authenticating a claimed identity or a device, QiD identifies the human directly and determines whether that human is real and present Access decisions can therefore be made without issuing, managing or recovering credentials, significantly reducing friction, attack surface and operational overhead

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

04

IMPOSTOR DETECTION

Since QiD determines the identity of someone anonymously - independently of who the someone claims to be - QiD structurally prevents impersonation based on fraudulent credentials, identity documents or false identity claims

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

05

NO DUPLICATE ALIASES

Premised on the understanding that no two persons are ever absolutely alike (their respective QiD Hashes/QiD IDs are expected to be distinctly different), QiD potentially forecloses on the possibility of the same person ever being able to present himself/herself under different aliases

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

06

AGE ESTIMATION

QiD neuromorphically estimates the age of the person to enable the subscriber to perform an age threshold check - does a user for example meet the minimum age to access an age restricted Internet site?

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

07

ETHNICITY/DEMOGRAPHICALLY NEUTRAL

With its focus concentrated on detecting personal identity anonymously, QiD has heuristically shown to be indifferent to ethnic and demographic distinctions

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

08

PRIVACY

As an anonymous identity technology that does not rely on the collection of personal information, QiD effectively mitigates against privacy concerns

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

09

NATURAL AGEING

Since personal identity does not change over time, QiD has been designed to adapt with regular use to the natural ageing process of an individual, rendering the technology technically indifferent to ageing

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

10

DEVICE/OS AGNOSTIC

QiD is designed to work on any computing device • desktop computer • notebook • tablet • mobile phone (even low-end phones), equipped with a ~2MP camera under normal operating conditions

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

11

BROWSER-BASED

QiD can be deployed as a web instance inside a standard desktop/mobile browser

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

12

LOW BANDWIDTH OVERHEAD

QiD relies entirely on a single ‘selfie’ with a footprint of less than 300KB, to ‘interpret’ ‘personal identity’ in 3D space in the background

QiD: Measured Performance…

Registered subscribers are given access to a special QiD Dashboard that allows performance of the technology to be tracked in real time inside a desktop/mobile browser

QiD Dashboard makes performance analysis possible in real-time...
QiD Dashboard makes performance analysis possible in real-time...

Under the rigour of extensive synthetic as well as analytic stress testing over a trial period of +24 months, QiD identified individual subjects to these overall levels of confidence:

QiD test performance results
QiD test performance results
FAQs…

Here is a comprehensive list of answers to the most common questions re QiD…

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiological changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

Why does QiD feature two LiveCheck offerings?

There is an inevitable trade-off between the user experience (UX) and liveness confidence - in cases where liveness does not require a high level of confidence (when a user for example accesses a bank account to check an exchange rate), a Lo LiveCheck will suffice, but when a user is for example required to authorise a large money transfer, only a Hi LiveCheck that is able to establish liveness to a satisfactory degree of confidence will suffice

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiological changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

Why does QiD feature two LiveCheck offerings?

There is an inevitable trade-off between the user experience (UX) and liveness confidence - in cases where liveness does not require a high level of confidence (when a user for example accesses a bank account to check an exchange rate), a Lo LiveCheck will suffice, but when a user is for example required to authorise a large money transfer, only a Hi LiveCheck that is able to establish liveness to a satisfactory degree of confidence will suffice

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

What is ‘personal identity’?

‘Personal identity’ is that innate part of you that makes you ‘YOU’ - the person who you are ‘Personal identity’ immutably persists over time, despite physiological changes that affect us all over time and independently of any names, descriptions or attributions that describe us

What is the ‘paradox of identity’?

Regulators increasingly require service providers to know who their customers/employees/students/patients/citizens… are, all of which demands that their users surrender private information about themselves to the service provider This creates a fundamental tension between effective enforcement and legitimate privacy concerns It also promotes an opportunity for identity theft and fraud to flourish QiD resolves this paradox by enabling systems to anonymously identify a person as a real human without requiring any ‘proof’ of identity and without investing value in any attestation of identity

What is Neuromorphic Computing?

Current generation Al technologies uses deep-learning networks to syntactically 'interpret' data sources (eg the content of a digital image) - this approach however suffers from the weakness that outliers that fall outside a neural net’s scope of reference, will generally cause the AI to fail certain edge cases By accurately simulating the neural processes of the human mind/brain, Neuromorphic Computing on the other hand semantically ‘interprets’ data sources to achieve a certain measure of 'cognitive interpretation' and 'autonomous adaptation' that advances Al technologies beyond current AI capabilities

What does it mean that QiD is ‘anonymous’?

Being able to identify a person without having to know anything about the person, renders QiD to be entirely an innominate process

Why do conventional identity methods have such a high rate of failure?

Conventional identification methods all suffer from the inherent weakness that ultimately, they all only confirm a person’s own say-so - “I am Bob, and here is ‘proof’ that I am who I say I am - every time I present the same ‘proof’, just assume that I am Bob” Just because someone is able to do what we expect only the actual person to be able to do (eg scribble a signature), or because someone happens to know something we expect only the actual person to know (eg login name/password/PIN/‘secret’ answer to some question…), or because someone happens to have what we expect only the actual person to have (eg ID card/passport/driver’s license…), conventional identification systems merely assume that the person is who he/she says he/she is… The rampant scourge of identity theft and fraud throughout the world however overwhelmingly speaks to the fact that a person’s own say-so simply cannot be trusted

Doesn’t biometrics solve the problem?

While biometrics function perfectly well in a highly controlled environment under superintended conditions (eg inside a banking hall or at a passport control point), the normal use of biometrics fail because they too ultimately only confirm a person’s own say-so: “I am Bob - here’s my fingerprint/faceprint/voiceprint - every time it matches my finger or face or voice, just assume that I am Bob” Biometrics also do not establish who someone is in any identity sense

How does QiD solve the problem?

Engineered on the premise that personal identity cannot be surrendered, transferred or asserted by proxy, QiD - as a direct presentment of ‘personal identity’ - is able to anonymously determine who someone is without relying on names, documents, credentials, self-asserted claims or biometrics

Why does QiD feature two LiveCheck offerings?

There is an inevitable trade-off between the user experience (UX) and liveness confidence - in cases where liveness does not require a high level of confidence (when a user for example accesses a bank account to check an exchange rate), a Lo LiveCheck will suffice, but when a user is for example required to authorise a large money transfer, only a Hi LiveCheck that is able to establish liveness to a satisfactory degree of confidence will suffice

Is QiD facial recognition?

No, QiD is not facial recognition - whereas facial recognition matches a ‘flat’ candidate image of a subject against a ‘flat’ reference image of a subject syntactically in 2D space to authenticate someone, QiD does not perform any matching of images Instead, QiD semantically interprets ‘personal identity’ - that part of us which uniquely defines who we each are - from a single ‘selfie’ in 3D space

Is a person’s QiD Hash unique?

A person’s QiD Hash is as unique as the ‘personal identity’ of the person is A person’s QiD Hash is drawn from an address space of 62^512 possible permutations - an extremely large number consisting of approximately 918 decimal digits (approximately about 6.1 x 10^907 times the current world population) - making the probability of accidental duplication statistically negligible at any conceivable population scale

What is a person’s QiD ID intended for?

As a compact representation of a person’s QiD Hash, a person’s unique QiD ID (128-bit UUID) is returned to a subscriber in response to each QiDaaS API request to serve as the reference key for customer/employee/student/patient/citizen… within the subscriber’s own systems

Is QiD a proprietary technology?

QiD is a technology development by research scientists at aiQ Cognitive Technologies (Pty) Ltd (South Africa)

Who can use the technology?

Any provider of a service (organisation, business entity, government agency… who needs to know who a customer, an employee, a student, a patient, a citizen… is, is eligible to become a subscriber…

Is the technology available for testing?

Prospective subscribers are offered (limited) access to sandbox pilot testing

How is QiD affected by natural ageing?

Since personal identity itself is not affected by age - a person always remains who he/she is - regular use of the QiD technology progressively adapts to the natural ageing of a person, implying a stable QiD Hash/QiD ID

What about identical twins?

In the extremely rare case of monozygotic twins who share the same genetic material (DNA) and that are almost always the same sex, when even a mother has difficulty to tell the twins apart, QiD may return non-deterministic results

Does QiD satisfy international privacy regulations?

As an anonymous identification technology that does not rely on names, civil identifiers or self-asserted claims to identity, QiD definitionally preserves privacy by dispensing with the need for any personal information to be disclosed

Is QiD an opportunity for OEM technology partnerships?

Recognising that certain technology providers have established access to specialised markets in which they already deliver complementary technology services, OEM partnerships are welcomed where QiD can be integrated into existing platforms or offerings

Is QiD FIDO certified?

QiD falls outside the scope of the technical framework of the FIDO (Fast IDentity Online) Alliance… FIDO (including FIDO2, WebAuthn and UAF/U2F) governs credential-based authentication, specifically how cryptographic keys are generated, stored, and used by devices to authenticate users to accounts QiD does not issue, store, manage or authenticate credentials of any kind QiD also does not rely on passwords, cryptographic keys, shared secrets, devices or accounts to establish identity Instead, QiD answers a very different question altogether: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” For this reason, QiD operates outside the technical and regulatory framework of FIDO Of course, QiD can be deployed alongside FIDO-compliant authentication mechanisms, with certification handled at the application or platform layer by subscribers or OEM partners

QiD vs Passkeys - how do the two compare?

QiD and Passkeys share one outcome in common - they obviate the need for passwords - but the two technologies achieve this in fundamentally different ways that intend to serve fundamentally different objectives… Passkeys are a credential-based authentication technology - they replace passwords with cryptographic keys stored on trusted devices and are designed to securely authenticate users to pre-existing accounts By contrast - as an anonymous human identification technology - QiD does not authenticate accounts or devices Instead • QiD identifies a person directly • determines whether a person is an real human • estimates the age of a person, without relying on credentials, enrolment or any specific device or operating system In short: • Passkeys answer: “Does this device possess the correct key for this account?” • QiD answers: “Who is this someone, is this someone a real human and what is the estimated age of the someone?” QiD achieves the same no-password, phishing-resistant access outcomes as Passkeys, but does so through a fundamentally different approach, while also addressing identity and fraud challenges beyond the scope of Passkeys QiD answers the “Who?”-question not with a name or a claim, but with a stable, anonymous QiD Hash/QiD ID The two technologies therefore occupy different layers of the problem space and may be used independently or together in tandem, depending on the particular use case

Does EU AI Act impact QiD?

The EU AI Act regulates AI systems based on the level of risk they pose to individuals’ rights and freedoms, with higher-risk use cases subject to stricter safeguards From the outset, QiD was designed to align with the core principles underpinning the EU AI Act, including risk minimisation, transparency, proportionality and human oversight - in particular: • Risk-Based Design 
QiD focuses narrowly on answering three questions • “Who is this someone?” • “Is this someone a real human?” • “What is the estimated age of the someone?” without inferring behaviour, intent, preferences or personal attributes beyond what is required for identification • Privacy By Design 
QiD does not rely on names, civil identity documents, or self-asserted identity claims or other private information • Human-Centred Use 
QiD does not make autonomous decisions about rights, entitlements, or outcomes - such decisions remain the responsibility of the subscriber, with appropriate human oversight • Deployment-Context Awareness 
The classification and obligations applicable under the EU AI Act depend on the specific use case - QiD is intended to be deployed by subscribers in ways that support compliance with applicable legal and regulatory oversight QiD does not claim formal certification or classification under the EU AI Act - instead, it is designed to support responsible deployment in regulated environments by aligning with the Act’s underlying principles and measures

How much does the technology cost?

QiD operates on a high-volume, low-cost-per-transaction pricing model that scales down as a subscriber achieves certain economies of scale thresholds Since actual pricing depends on several factors: • transaction volumes • deployment context • specific use-case requirements, a bespoke cost model is tailored for each subscriber that fits the commercial framework of the subscriber

QiD-as-a-Service…

QiD can easily be integrated into an organisation’s own web/desktop/mobile app to issue a QiDaaS service request on demand through the ‘no code’ QiD API - the API workflow can briefly be illustrated like this:

QiDaaS API workflow illustration
QiDaaS API workflow illustration

• A: Subscriber client app initiates a QiD service request to the subscriber server • B: Subscriber server launches a QiD service request to the QiD API • C: QiD API initiates a QID process • D: QiD algorithm answers the QiD API • E: QID API relays the answers to the subscriber server • F: Subscriber server notifies the subscriber client app

QiD ‘Turing Tests’…

First proposed in 1950 by the ‘father of modern computing’ - Alan Turing - the ‘Turing Test’ is a benchmark for a machine's ability to exhibit human-like intelligence

As a convenient way to assist subscribers to easily answer any of the identity questions: • “What is the user’s unique identifier (QiD ID)?” • “Is the user a real human?” • “What is the estimated age of the user?”, three QiD API requests have been packaged as distinct ‘QiD Turing Tests’ that can be launched at any time:

QiD Turing Test 1

Anonymously identify a person

QiD Turing Test 2

Anonymously identify a person

Check if the person is an real human (Lo LiveCheck/Hi LiveCheck)

QiD Turing Test 3

Anonymously identify a person

Check if the person is a real human (No LiveCheck/Lo LiveCheck/Hi LiveCheck)

Estimate the age of the person

Contact…

Please contact us by email…

Send us an email...

Copyright - aiQ Cognitive Technologies (Pty) Ltd