· 3 min read

Elon Musk Wants to Authenticate All Twitter Users

Francis Tuffy
Francis Tuffy · Editor
Elon Musk Wants to Authenticate All Twitter Users

Behind the ‘will-he-won’t-he’ and the ‘can-he-can’t-he’ stories of Elon Musk’s attempts to acquire Twitter lurks another equally interesting tussle about identity, and how we assert and verify it when we are not physically present.

The probable new owner of Twitter has on many occasions remarked that he wants to ‘authenticate all actual individuals’ on the microblogging and social networking service. Musk’s desire to authenticate Twitter users is motivated by one of his major concerns about how Twitter operates, namely how it can be manipulated by spam accounts, and particularly those that promote cryptocurrency schemes. Musk has stated that cryptocurrency spam bots are Twitter’s ‘single most bothersome thing’.

Musk’s idea to ‘authenticate all actual humans’ as part of his approach to combat bitcoin bots aims to make it easy to distinguish between real and false accounts.

If Musk’s plan for the platform is to ensure that each account is linked to a genuine person, it will require a mechanism to verify that they are. There are several approaches available (tighter verification, 2FA, liveness testing…) but whichever approach is taken, he will face two types of challenges that we, in the ID and secure document industry, are familiar with.

Privacy and inclusion

Any attempt to link setting up and using an account on Twitter that relies on divulging personal or financial information risks excluding anyone who doesn’t (a) want to give up personally identifiable information on privacy grounds or (b) have a ‘clean’ financial history or no financial history at all.

This approach would end up excluding a significant percentage of current Twitter users who are not hiding behind a false identity and so might legitimately ask why they should have to prove who they are (again) just to satisfy the pet peeves of the new owner.

Confidentiality and security

While many users believe they have nothing to hide, forcing them to give PII creates a single point of failure.

Not only would more users have to trust Twitter not to misuse their personal information, but Twitter itself would become a much more attractive target for hackers seeking to steal identities – the so-called honeypot vulnerability.

Add to this the potential for state coercion. The current invasion of Ukraine by Russia, and the escalation of state persecution to crack down on individuals for criticising the government, is just one example of how attractive it might be for authoritarian governments who might use legal demands to compel Twitter to hand over authenticated identity data of suspected dissidents.

This demonstrates how difficult it may be to turn a seemingly simple notion like ‘authenticate all genuine humans’ into a useful product feature on an online social media platform.

The same, or certainly very similar, challenges exist in the world of ID and secure documents. For ‘fake accounts’ read ‘false identity’; for ‘pseudonyms’ read ‘tampering’ and so on.

If anything, the challenge for our industry is even tougher than Mr Musk’s because while he doesn’t need to know who the millions of Twitter users are, just that they are not anonymous ‘bad actor’ bots, in the identity industry we do need to verify the identity of each person who is holding (physically, digitally, or virtually) a document.

Subscriber content

Read the full article

Full access to ID & Secure Document News articles, newsletters and archives.

Sign Up to ID & Secure Document News Weekly

Receive regular updates on the latest news and articles posted on our website.

Verity

Verity

AI search assistant

Ask me anything from the ID & Secure Document News archives.

free questions remaining