By Mikail Conybeare, Head of Product, IDWorks
By now, most people will have seen the news that Uber has been stripped of its London licence after Transport for London (TfL) found that more than 14,000 trips were taken with drivers who had faked their identity on the firm’s app. It has less than 21 days to appeal the decision. This is bad news – not just for Uber, but for Londoners like me too.
For Uber, London is reportedly the ride-hailing company’s largest market in Europe. The financial impact of the decision, should it become permanent, would undoubtedly be substantial. Shares fell by almost 6% in pre-market trading in New York on the day of the announcement alone.
For Londoners and visitors who value the convenience, cost-effectiveness and ease Uber provides in transporting people around the capital; losing access is unimaginable. Notwithstanding what this means for Uber’s reported 45,000 drivers in London.
TfL’s public statement indicates that a key issue for them was that a change to Uber’s systems allowed unauthorised drivers to upload their photos to other Uber driver accounts. According to TfL, this allowed them to pick up passengers as though they were the booked driver, which occurred in at least 14,000 trips - putting passenger safety and security at risk. And although this exploit was reportedly resolved by Uber, TfL still do not perceive Uber’s driver verification model as fit for purpose.
Currently across ride-hailing apps, drivers have little ongoing identity verification after they have been registered onto the company, allowing people to log-into other drivers’ accounts to carry out unauthorised trips. An identity layer added as an overlay to the current technology would eradicate the risks of driver fraud completely.
As I see it, the fundamental issue with the ride-hailing industry is the lack of technology which guarantees trust and transparency in driver identity – for passengers and regulators. You can create a fake physical driving license, or pose as somebody else on their Uber account, but this becomes almost impossible to get away with when underpinned by cryptographically secure digital credentials. This problem of identity fraud is one which permeates multiple industries, from taxi-drivers, to fake doctors, to fraudulent lawyers. It is something which can be fixed quickly and easily using an emergent technology known as Self-Sovereign Identity (SSI).
My team here at IDWorks have developed an SSI solution called Envoy which would allow any taxi company to issue verified credentials to its drivers. These credentials can relate to identity attributes, such as the driver’s name, age, experience, license plate, employment contract, validity to drive, etc, and can be integrated with existing identity solutions, such as biometrics, for even greater security.
In a nutshell, customers will be able to see a secure, verified profile of the driver that would be extremely hard to fake, greatly reducing the ability to operate on a fake identity in these taxi apps. Customers, and authorities such as TfL, can have the confidence and trust that the driver is who they say they are.
Ultimately whilst this is a distressing time for Uber customers and drivers, in the long run this could be good news for improving safety and trust in the ride-hailing industry. The potential is there for this licensing nightmare to set a new global standard in identity protection and safety.
I believe that SSI will be a turning point in the ability we have to eradicate identity fraud. Not only will this save companies money it will, more importantly, protect the public who use taxi app services. As Transport for London highlights, “Safety is our absolute top priority”.