In our daily lives we are regularly asked to provide personal details, and in many instances, we cannot secure a service or product unless we do so. This may involve a simple request to provide proof of identity, or a much more detailed one, perhaps requiring verification. This can be time-consuming, and often a fraught process, and there is always concern for the security of that data. While online privacy concerns are at an all-time high, organizations increasingly store sensitive information digitally, in centralized databases.
Global regulators continue to evolve laws and regulations accompanied by outsized penalties for companies that fail to comply with them. The annual cost of cybersecurity crime to Australia alone is estimated to be in the range of $29 billion to $30 billion. A 2023 KPMG report estimated the total cost at $29 billion per year, with direct costs to businesses accounting for a significant portion. The Australian Cyber Security Centre’s 2022-23 Cyber Threat Report highlighted a 14% increase in the average cost of cybercrime per report compared to the previous year.
Increased regulation and penalties follow the foundation set by other international privacy legislation, such as Europe’s General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA). The maximum penalties for non-compliance have been significantly increased. The penalty for a serious privacy breach up until late 2022 was just $2.22 million. Now, businesses can be charged with the greater of:
- $50 million
- three times the value of any benefit obtained through the misuse of information
- 30 percent of the company’s adjusted turnover in the relevant period
These penalties are a compelling reason alone for businesses to improve the way they protect their client’s data. This is just the beginning — businesses need to understand their data obligations and where needed, implement new, compliant processes.
Read on to explore why the combination of Google Cloud Platform, and ShareRing’s digital identity platform, are a revolutionary approach to personal privacy and business protection.
The data security arms race
More-and-more the transfer of our personal details is done digitally, and the risk of someone obtaining those personal details is growing exponentially. We are all aware of the growing risk of identity theft and other exploits that compromise our personal information. A centralized store of identity data is an irresistible high risk data source to cyber criminals and threat actors.
Digital Identity as a Service
ShareRing Link, is a decentralized public infrastructure (DePIN) solution that leverages Google Cloud for its core infrastructure. ShareRing’s ecosystem is architected to ensure minimal personal data is shared, and importantly is not stored centrally. ShareRing Link is a business system that enables a user to share select personal information from an encrypted Vault to a businesses’ backend system, such as KYC information to a financial institution, or age verification to a licensed merchant, for alcohol sales, via a zero-knowledge proof function.
ShareRing Me, a digital identity app available on Android, uses Blockchain technology to collect and store verified identity data in an immutable, reusable, self sovereign Vault, a “Digital Me”, on the user’s personal smart device. At all times the User controls who they choose to share their data with from their advice. ShareRing Me also gives the user the ability to backup the heavily encrypted Vault file onto their personal Google Cloud, to ensure no data is lost.
Privacy and Data Segregation with Google Cloud
Google Cloud Platform is quickly becoming a leader in business and enterprise cloud computing worldwide. This is, in large part, due to their “security by design, security by default” stance, underpinning a comprehensive and industry-leading approach to data protection.
Data Segregation:
Google Cloud customer data is siloed, which reduces the attack vectors. This is driven by their self imposed objectives to protect customer data and security, as well as the need to adhere to increased regulatory compliance requirements globally.
- Google Cloud uses Logical Isolation mechanisms inherent to virtualization technology to create isolated virtual environments for each customer, ensuring that their data and applications are not directly accessible to others.
- ShareRing Self-Sovereignty: ShareRing Me uses a decentralized storage model to keep verified and encrypted personal data on the User’s personal smart device.
Data Encryption and Access Controls:
- Encryption: Google Cloud has built-in encryption capabilities, such as Cloud KMS (Key Management Service) to encrypt data at rest and in transit.
- ShareRing Smart Contracts: ShareRing uses smart contracts to automate and enforce access rules based on predefined conditions, ensuring that only authorized parties can access. Data is secured across multiple nodes in ShareRing blockchain, making it immutable to breach or tampering.
- IAM and RBAC: Google Cloud Identity and Access Management (IAM) is used to implement granular access controls and permissions for different users and roles. In addition, Google Cloud also uses role-based access control (RBAC) and network segmentation to restrict access to customer data based on user permissions and network boundaries.
- Storage: While Google Cloud can provide additional storage capacity, it could be used in conjunction with ShareRing to offer redundancy and disaster recovery of the encrypted Vault.
Strong technology intersect
ShareRing Founder, Tim Bos, stated – “Google Cloud’s commitment to customer data protection is a significant factor in why we chose to partner with them. Our technologies and philosophies intersect seamlessly. The extensive and industry-leading security controls Google Cloud provides, and ShareRing’s self sovereign identity solution, together are a much needed evolution in privacy, in a world where personal information is as precious, or moreso, as your other assets”.
Assurance of best practices in a combined identity solution
Both ShareRing and Google Cloud undergo regular audits and certifications to ensure compliance with various security standards, such as ISO 27001. Digital Identities are also becoming increasingly regulated. ShareRing is certified against the UK’s Digital Identity and Attributes Trust Framework (DIATF) and is seeking accreditation against similar frameworks in the EU (eIDAS 2) and Australia Digital ID framework as they come into play.
Business inquiries:
Ryan Bessemer, ShareRing Global
+61 403 300 442
About ShareRing
ShareRing Global stands as the only digital identity business certified with ISO27001 Information Security Management certification, as well as a DIATF-certified provider in the UK. Our suite of identity verification technologies transforms online interactions, ensuring they are
safer, faster and easier. You choose what you share with ShareRing.
About Google Cloud Platform
Google Cloud Platform (GCP) is a suite of cloud computing services offered by Google that provides a series of modular cloud services including computing, data storage, data analytics, and machine learning, alongside a set of management tools.