In the wake of high-profile figures like Mark Cuban falling prey to crypto scams, the key to prevention lies in choosing wallets and platforms that prioritize security and compliance, Concordium founder Lars Seier Christensen told The Block in a recent interview.
One of Mark Cuban’s crypto wallets was drained of over $860,000 in tokens and NFTs following a phishing attack involving his MetaMask web3 wallet last month.
Prevalent social engineering threats like such phishing scams can trick even the most experienced crypto users into handing over access to their digital assets. “To prevent scams, there has to be some level of identity verification, a means to verify that the parties involved in any given transactions are actually who they claim to be,” Christensen said.
Concordium’s “regulatory-compliant” Layer 1 blockchain, which integrates an ID component, can mitigate these risks and increase the chances of a positive resolution, Christensen added. Ethereum-compatible tokens can be transferred to Concordium’s network via the Arabella bridge.
That said, even such measures may not be enough to prevent phishing attacks where the victim downloads a malicious version of the application, as was the case for Cuban.
The Concordium Foundation founder and chairman expanded his role after Lone Fønss Schrøder stepped down as CEO in February. Christensen is also the founder and owner of the investment family office Seier Capital.
Previously, Christensen founded Denmark’s Saxo Bank and ran it as CEO for 20 years. Saxo offers access to crypto through exchange-traded products and foreign exchange pairs like BTCUSD, according to its website. But the bank was ordered to liquidate its crypto holdings by the Danish financial regulator in July.
Worldcoin comparisons and Web3 ID
Concordium recently launched its Web3 ID platform, a zero-knowledge-based identity infrastructure that leverages the Concordium identity layer, drawing comparisons to the controversial Worldcoin project but without the need for eyeball-scanning Orbs.
Web3 ID enables secure and private identity verification for individuals and organizations on-chain — meaning that users can prove their identities and verify others before they interact with them, Christensen said. “Because all data is securely hosted on the blockchain, impersonation, identity falsification and, in turn, scams of this nature become close to impossible,” he added.
It may seem antithetical to the crypto ethos. However, by combining zero-knowledge proof technology and Concordium’s self-sovereign identity layer, Web3 ID enables users to verify their identity without sacrificing privacy, Christensen said.
Through ZK proofs and programmable ID solutions, there isn’t a need to sacrifice privacy for security, according to Christensen, enabling information to remain outside of centralized hubs like exchanges — which are also prime hacking targets. “Only the information necessary to validate the transaction is shared with the other party,” he said. “The data is never housed outside of the entities’ digital wallets, so individuals can engage in transactions with increased levels of trust and security without having to publicly share any information not directly relevant.”
Upholding the core principles of blockchain technology
Concordium’s Web3 ID platform is designed to heighten security while maintaining the core principles of blockchain technology, Christensen said — from decentralization to trustlessness and personal data ownership. Users share only relevant information with dapps to verify their identity, putting them in control of their data and what they share, securely hosted in a decentralized wallet, he added.
However, user credentials can be accessed in the event of legal requests from authorities. Concordium’s anonymity revokers have legal rights in specific jurisdictions. There is a publicly visible registry of anonymity revokers that is curated by the Concordium Foundation. Anonymity revokers can initiate the manual process of decrypting credential data in cooperation with identity issuers — trusted entities on-boarded by the foundation and delegated with the task of validating and issuing ID credentials to users. Each on their own cannot reveal the identity of the owner of the credential, requiring a court order or some law enforcement request in their jurisdiction to initiate the unlocking process.
When asked about security and censorship concerns surrounding this process, Christensen said the platform is designed to validate and verify the data provided but not store it. “Personal data can be accessed, albeit only during the validation of transactions, it is never stored in a centralized database which protects users against any potential data exploit.”
Christensen concluded that digital identity is central to almost everything in crypto and verifiable and secure digital identity solutions were needed to prevent interacting with fraudulent peers and falling victim to scams.
