In 2021, online payment fraud grew 14%, from $17.5bn to over $20bn. At the same time, 46% of organizations surveyed by PwC reported experiencing fraud, corruption, or economic crimes in the last 24 months, with 70% of those coming via an external attack or collusion. There are hundreds of different statistics that all mark the same point: the internet can be a dangerous place where there’s money changing hands. When you compound that with the rise of remote working, new digital security issues, and corporate information policies, data appears more exposed than ever.
Cybercrime has surged over the last decade, as more and more platforms create new opportunities for digital thieves and hackers to scam and swindle at will. However, it’s really in the last three years that the data has taken a giant leap. Of all global fraud, it’s thought that around 40%, though likely more, is platform fraud, with the scams originating on platforms including social media, streaming services and marketplaces. Anywhere that a user can attempt to build trust or make communications there is an opportunity for cybercrime to take place.
That’s the unfortunate reality of Web2. It is the Wild West of data privacy.
What Did Web 2.0 Get So Wrong?
The first thing to acknowledge is that they probably didn’t set out to. The internet was never designed to be secure internally, it assumed that if you were on the network you could be trusted. Nor was the World Wide Web designed to be secure, it was just a way of making data stored for public consumption on the Internet accessible. Web 2.0 brought the age of platforms with vast numbers of users consuming often ephemeral, but highly addictive services, the problem was how to make money from them. When the answer turned out to be data and advertising based on data the problems started:
- Verification – With Web2.0, you have to prove you are you. It’s a usually asymmetric, and always deeply flawed system which relies more heavily on assumptions and inference than it does on actual data. SMS codes, uploading your ID, or taking selfies do little to actually protect users or platforms, but they do help build valuable data sets. From the consumer’s perspective, this whole premise is flawed. Our identity should be ours, and it should be possible to confirm it online as effectively as we do at passport control. Web2.0 never figured out how to make that happen, or perhaps it didn’t want to, because giving you back your data meant giving away their control.
- Data Storage – Our data is not under our control. Do you want your credit report? You need to apply for it. Do you want to know your spending history? Ask Mastercard or your bank. Do you want to know about your insurance, mortgage, and student loans? All of that data exists at their end, not yours, and you have no choice but to trust that they will take care of it. How many hundreds of millions of trusting people have that stung in recent years?
- Passwords – The fraudsters’ holy grail. Most of us are bad at creating, managing and remembering them, and we’re lazy. So passwords are an open goal for anyone wanting to steal our data and feature in most of the biggest data breaches.
- Inconvenience – In trying to tame the excesses of Web 2.0 regulators have imposed ever tougher restrictions on what can be done with consumer data. GDPR, Cookie preferences CCPA, the list goes on. While there have been some significant consumer benefits, the biggest impact has been in how inconvenient using the internet has become. Much of the value of the regulations has been eroded because it’s simply easier to click “accept all ” and then your data is gone from your control forever.
- Impersonation – You could quite easily gather enough information about your best friend or a family member to make a strong fake profile and impersonate them for a joke. But, what if it was a stranger, it wasn’t a joke, the intentions were malicious, and they already had your data without you knowing it? Your digital identity is up for grabs in Web2.0, and all it takes is a few clicks to create a false identity.
- The Value Exchange is Broken – the native currency of Web2.0 is data, and the biggest spender is the advertising industry. Remember, when you use Facebook, Instagram, or Twitter, you are not the consumer, you are the product. The business model relies on them using your data to target ads to you. All of these platforms are cleverly designed to farm your attention and put you in front of more and more ads
Fixing the problems of Web2.0 with Web3
At the dawn of Web 2.0, nobody knew that was where they were. Web3 is different, apes aside, it is very deliberate in its intent to fix the problems of Web 2.0. Our personal data has been used and abused for far too long, and Web3 is about taking a stand, stamping out data exploitation and creating a better way forward, giving you back your data so that you control your identity exactly as you wish. It is also minting a new data model for platforms to follow, one where the owner of the data can benefit, whilst the platforms and advertisers can provide a service that has synchronous value.
One such solution is Self. Where similar protocols such as Civic and Web5 are looking to identify users through better code, trustless systems and online verification processes, Self is building trust by extending real world verification of humans into the Web3 space, so you know exactly who you are dealing with at all times.Trustless systems are great at controlling the interaction between machines by relying on keys, but sometimes, actually most times, we need to know who has the keys and that’s where Self comes in. Their use of Web3 technology to tie humans to the technology they rely on has fixed things:
- Verification – You verify yourself when you join the app, and this self-verification grants you access to partnered services, without having to hand over your data
- Passwords – No passwords, just biometrics
- Inconvenience – By supporting the concept of regulation, Self makes the Web frictionless again.
- Data Storage – All identifiable information is encrypted on your device, in a highly secure app. There’s nothing retained on Self’s network
- Impersonation – Impossible. Only you have the potential to verify yourself and your credentials. Nobody else could get as far as verifying themselves unless they had access to you physically, as well as all of your documents
- Value Exchange – Services must pay a microtransaction fee to engage with you, and in time, you’ll earn a share of this. Imagine being paid to give companies access to your data!
Verdict: Web 3 – Ending the Wild West
By owning and controlling data which is about us we can shift the balance of power over data away from the web 2.0 platforms. By being able to verify facts in real time we can prevent fraudsters from stealing from us and the people we care about and by controlling and democratising communications we can simplify and remove friction from the web experience. Barbed wire brought the Wild West to an end. Platforms like Self, Civic and Web5 are deploying technology that, once it starts to gain mass adoption, will cut cyber criminals out of the equation, just as the barbed wire did for the cowboys.