Biometric-based Marketplaces

Biometric-based Marketplaces

Ever since the emergence of the internet, buying, selling, and trading goods and products have become the new standard of commerce.

In reality, ordering a product online has become second nature for many, with over 1.92 billion people shopping online globally, and the global e-commerce market expected to be roughly 5 trillion USD this year.

After all, who doesn’t have an Amazon account or an eBay account?  Even if you do not buy from the big online retailers, there are hundreds, if not thousands of new online retailers, big and small, that offer their products or services online.

And for those businesses, retailers, or those starting up their own brand or services, the ability to buy, sell, and trade items online has become a game changer.  Being able to transcend the limits of the traditional brick and mortar business models, making their products and services available to a much larger customer base or being able to directly reach out to their specific niche, has forever changed our daily life, and the global economy as a whole.  It is said that by next year, 2022, e-commerce will be responsible for 17% or global sales of goods.

However, with the emergence of new opportunities, for both the consumers and the businesses, comes the emergence of new risks.  Naturally, some of the “new” risks are indeed some of the “old” risks that gained new life and ferocity through the same opportunities of a new and wider customer base.  In reality, it is said that in the year 2017 alone, online shopping frauds grew by 30%, which was twice as fast as the growth rate of e-commerce sales.

One easy example that comes to mind are counterfeit items and goods.  This type of fraud has always been around.  All you need to do is walk down the street of any major city in the world and you will find people trying to sell you fake Rolex watches or a fake Gucci bag.  It is not even out of the norm to have “branded” items that were manufactured on the same assembly line that may have been “rejected (for whatever reason)” find their way on the streets.  But with the power of e-commerce, you don’t even need to walk down the street.  All you need to do is go to eBay, Amazon, Alibaba, or any other online shopping platform.  

According to a report published by DHS, the value of seized merchandise that was seized by the Customs and Border Protection of the US, rose from $94 million in 2003 to $1.4 billion in 2018, and the numbers are rising at an alarming pace.  In addition, in 2017 alone, e-commerce frauds increased by 45% which lead to losses of $57.8 billion across 8 big industries

What makes things trickier, is that often the “counterfeit" goods, especially when it comes to electronics, are more than just some “cheap knockoffs”.  They are often built on the same assembly lines as the “branded” goods, often with the exact same inner components, but with a slightly altered exterior and branding.  They will often work “almost as good” as the branded products, often run on open-source or reverse engineered software and firmware, but most likely will not have the same customer support (even if they claim they do… meaning, by the time you figure out that you bought a piece of crap, there is nothing you can do but try to give them a “bad review”).

Of course, these counterfeit products, cheap knockoffs, along with those products that  just have the poorest of qualities due to someone just wanting to make some “quick bucks” are only the tip of the iceberg, and don’t even cover 10% of the risks.  ID theft and account theft, credit card chargeback scams, shipping frauds, billing frauds, affiliate frauds, clean frauds, and merchant frauds are, unfortunately, all clear and present risks of doing any kind of business online.

It’s a matter of trust.

As in any business, no matter if you are buying, selling, or trading, no matter what the product is, what it ultimately comes down to is the issue of trust.  Can you trust who you are selling to, can you trust who you are buying from, and can you trust who you are trading with.

On the shoppers end, trust is often gauged by reviews.  How have others reacted to the marketplace, or the products they are thinking of buying.  Naturally, some are true and helpful reviews.  Some are fake reviews posted by either bots, comment farms, or at some times, people who have a conflict of interest (for both positive and negative reviews).  On platforms such as eBay, both buyers and sellers are rated by reviews of past transactions, and at times, items will not be sold to a person if they have too many negative reviews.

If you are a small or individual business, wanting to sell your items online, often it comes down to if you want to do your own individual shop (i.e, website) and slowly build reputation and cultivate customers, or if you want to hop on a known marketplace in order to lower the risk and reach out to the market faster  (even if you need to give the marketplace a cut out of your sales).

In a centralized marketplace, or say with the big platforms such as Amazon or almost any of the big names, all issues of trust are resolved by relying on a trusted third party.  The third party will take responsibility for the operation of the marketplace, will police the platform, ensure security, keep the technology updated, and will often mediate any disputes, including financial settlements.  Without doubt, this adds to the cost to the users, but the layer of added security is something that most are willing to pay for.

Having said that, due to the lack of transparency, the commercialization of private shopping data, the types of stores, products, or services allowed, or simply the high “cost” of doing business on the large centralized platforms, many small to medium businesses are moving to, or at least seriously investigating the possibilities that decentralized marketplaces offer.  

Unlike centralized solutions, being decentralized, each party involved is responsible for taking part in running the marketplace infrastructure, is based on mutual-trust, and all members take part in the operation of the marketplace.  

Even the Chinese-owned Alibaba, has been heavily investing in blockchain technology and is said to create double the amount of blockchain applications per year compared to IBM. The goal is simple. By leveraging the transparency and traceability of blockchain and the automation of smart-contracts, they are able to lower operational costs, and believe that they will be able to onboard (and have succeeded to do so) a multitude of small and medium businesses.  But even more interesting are the emerging decentralized marketplace platforms like Boson Protocol and Origin protocol, which are directly challenging the monopolies that the larger players in the market have established, paving the way for new ecommerce business models to arise.

On the flip-side though, with the decentralized marketplaces, the security of the platform relies on the technology itself, along with the fact that it needs to be properly managed and operated by the members.  But in the end, it all boils down to one word. “Accountability”. The accountability of those that operate the marketplace, and the accountability of the users. Only when one is able to be held accountable, is trust born.  And often, compared to the “big name platforms” in the market, even though decentralized marketplaces may be the future of many online businesses, providing the accountability in order to nurture the trust, may seem lacking.

Accountability in the world of pseudonymous identities

According to Buzzfeed, 55% of online product searches done by consumers start from Amazon, and 37% of all online sales in the US are also made on Amazon.  And according to EuroMonitor, Amazon, eBay and Alibaba accounted for roughly $365 billion in sales worldwide in 2016, which added up to 31% of all global eCommerce sales.

But once again, even with those mega platforms, one of their biggest issues is buyers and sellers trying to run various scams (that were listed earlier in this article), and this issue is even more problematic in the smaller marketplace platforms.

How does a user know that the product they ordered is what it claims it is, if it will be shipped properly, and that their personal information (including credit card info) is not stolen and/or misused and will remain private?  How does a platform know that the person selling on their platform is not a scammer, is not selling counterfeit goods, will ship the product the customer bought on time according to the terms and conditions, and not scam customers until they get caught red handed, close shop, and reopen their operations under another identity? How does a shop know that they are not being scammed by a malicious actor, and that they will not be taken advantage of by the marketplace?

So, going back to the issue of accountability.  In a research published by Ericsson in 2020, it was stated that in order to satisfy the requirements for the necessary level of accountability in the marketplace, 2 points were needed to be considered.

  • Ensuring user accountability requires that every marketplace user is authenticated. Moreover, their identity in the marketplace needs to be linked to a legal entity that can be held responsible for their actions. As a result, access to the decentralized marketplace needs to be restricted to a set of entities that can be trusted to be, at least, accountable for their actions. This might be enforced, for instance, through a contract.
  • Accounting for user actions (i.e. providing proof of user transactions) can be further divided in two components. Firstly, the marketplace needs to capture the nature of the action, what has been done, when, by whom. Secondly, the marketplace also needs to record the data associated with the action. For instance, a record would contain the fact that a given user signed a contract at a given time as well as the content of the contract. Beyond just saving the data, the marketplace also needs to ensure that it is kept as long as needed, is protected against tampering, cannot be repudiated and that there are tools and procedures in place allowing for an auditor to retrieve it when needed.

Although the 2nd point can be generally solved by the use of blockchain and smart-contracts, the issue of user-accountability can become a little more challenging when looking at a decentralized market that spans across the globe.

By limiting access to the marketplace unless linked to a legal entity that can be held responsible for their actions, although it is indeed one of the most secure methods, can also mean that the businesses will be tightly bound and governed by various limitations depending on the governing laws of the nation the business is conducted in, and will often mean that cumbersome business structures and entities may be required for each country and territory that one would want to operate in.

Naturally, for large scale operations, a legal entity that can be held responsible would most likely be required.  However, for online trading, buying, and selling by individuals or small businesses, one possible solution to this issue is currently being developed by Humanode.  It is called auditable pseudonymous biometric identifications.  In short, the  system ties the identity of the users to their own biometric data.  The solution utilizes crypto-biometrics, which have been designed to keep the user's biometric identification absolutely private, while proving that the person is indeed a living person, and confirming that the person tied to the account is the person who is trying to log in.

With user accounts tied to the crypto-biometrics based identification, businesses will be able to provide sybil defenses, only allowing “proven human beings” from providing reviews, being able to build (or utilize) credit scores for customers and merchants alike, and be able to prevent a wide variety of frauds (or at least be able to hold people accountable, in the form of blacklisting the ID, preventing them from doing more harm).

The key is that biometrics are unique, and with the utilization of crypto-biometrics which incorporate the highest level of security and privacy, it is a win-win situation for both the buyers and sellers, while solving a major headache for the platforms when trying to establish trust and accountability.