Recently there has been quite a bit of noise about Microsoft's patent "WO2020060606A1" which involves a biometric cryptocurrency system. This article will not indulge in any unproven facts and will not incorporate an opinion. Instead, it will lay out the architecture of the system, and you can decide yourself if you think it is a good implementation. Everything said here can be proven, as the data gathered about the system is from the patent itself, here, and any knowledge of cryptocurrency systems comes from years of experience in this space. Any hypothetical scenarios I mention are simply to make you think what is possible with the implementation of this system, and should not be considered a bias held towards this topic.
In crypto, there must be a way to track the transactions that have occured in the network, this is done on the blockchain. A blockchain is a data structure which cryptographically stores data in a way that is very secure due to high-level-math-based security measures.
The blockchain stores all the data of the currency which exists on that blockchain such as transactions which have taken place and wallet balances. It uses math to obfuscate who is who in the system, and creates a peer-to-peer system to transact value within, regardless of the geographical locations and political barriers that may otherwise restrict the two parties from transacting.
That blockchain, surprise surprise, is comprised of blocks of data, the data is everything just listed, as well as a few other things which are not relevant to this topic. In order to ensure no fraudulent transactions have occured, computers called miners must be verifying all the transactions in each block, a computationally intensive process. For carrying out this process, miners are rewarded with the fees paid by the parties transacting, as well as what is called a block reward. The block reward is paid out to whatever miner can verify the block the fastest, don't worry too much about how, just know very smart people work to ensure this is a completely functional process, which has worked without issue for 12 years now, and was built on ~100 years of cryptographic research.
These systems were made to create payment channels which could allow for pseudonymous transactions, which do not require a third party to intermediate the transaction, such as a bank or company like Western Union. What Microsoft is offering does not seem to be so open.
Under this system, a user would require a sensor, which as of now has not been given a specific form, but most likely would be a form of microchip with ability to read biometric data such as:
body activity sensed by the sensor comprises at least one of body radiation emitted from the user, body fluid flow, a brain wave, pulse rate or body heat radiation
Note the mention of reading brain wave activity, this will be mentioned again later.
Essentially, the sensor recieves a task from some server, the user is tasked with fulfilling this activity, if the biometric data sensed fulfills the requirements specified by the task they will receieve payment in the form of a cryptocurrency. This transaction is recorded on the blockchain, including the biometric data that was read.
This seems like a very natural step forward towards a crytpocentric world. Why would users be opposed to instant transactions, no longer waiting up to two weeks for pay, and being able to decide what tasks they perform and which ones they choose not to? It would revolutionize the way payroll systems work. All good, right?
Your brain is emmitting brain waves, right now and always, until your brain shuts off, at which point you are dead. There are six currently understood brain wave patterns which are characterized by their wavelengths. We can read these waves through a process called electroencephalography, or better known as EEG.
When you are asleep you emit delta waves. When you meditate or are in a relaxed state, theta waves are created. When you are not so focused but still awake, like when you watch TV, you emit alpha waves. When you focus hard or are anxious you emit beta waves. When you are carrying our certain cognative and motor functions you emit gamma waves. Finally, there are mu waves, which overlap with other brain waves, and occur when your body recognizes things like your arms being still.
This is an exact science, there is plenty of well-documented research to back up these links between activity and brain waves. Now, remember when it was mentioned the sensor may record brain wave data.
Think of all the times you were at work, scrolling through youtube or facebook while still on the clock. Your employer has no way of knowing so long as you aren't on their wifi network, so if you were using your own phone to do it they would be none the wiser.
Under the Microsoft system, if you are supposed to be doing a task which would put your brain into a focused state, and emit beta waves, but instead the sensor reads alpha waves, they will know you were not doing your task. Think of the possible ramifications of this system, yes workers will stop wasting their employer's money, but they must give up the right to private thoughts which do not pertain to the work tasked to the user while on the clock.
In crypto, the computationally intensive process of verifying the blocks can be carried out with any number of conesnsus mechanisms. A conesnsus mechanism is simply an incentive system which forces verifiers in the network to act honestly or receive a monetary penalty for being dishonest.
In Bitcoin, the system is implemented in the form of proof-of-work or PoW. In this system, miners must use a large amount of elecricity, which if used to act dishonestly would only incur a waste of time and money to the dishonest actor. This has led to the Bitcoin network as a whole consuming the electricity of a medium size country.
Not all cryptocurrencies use this implementation, as stated there is a wide number of other possible mechanisms to reach consensus. In Microsoft's system, the user is the miner, and the user's biometric data would be the equivalent of electricity in the Bitcoin network. The sensor takes the data read from the user's body, and creates a hash of it. Don't worry about what a hash is, if you want to know more a quick google search will suffice, just understand they are essential to the cryptographic security of a blockchain.
Since this is a centralized system, there is no need to verify the the transactions which occur, similiar to the fact that no company even looks twice at it's visa transactions, they are just assumed non-fraudulent because a central processor keeps track of the funds. Instead in this system, the users are "mining" new coins by doing physical work, whether that be manual labor, viewing an ad, writing a book, or whatever the task may be that the user has been given. The sensor verifies the activity is being done through biometrics and rewards the user accordingly through a cryptocurrency payment, recorded on the Microsoft blockchain.
Under the patent description is a list of classifications which give a good idea of what this system is aimed to achieve which is the replacement of physical payment apparatus such as credit and debit cards, cash, and less popular but still used, checks. It includes many cryptographic patents for achieveing security in the network, but also ones for transactions with vending machines, kiosks, and typical payment terminals we use in every day life.
There has been mention of addresses many times so far in this article. In cryptocurrency wallets, addresses are derived through a simple process in which the computer you are using generates a random number called a seed through a standardized process. This seed is considered a private key, and is akin to a password. It is used to verify transactions, so if you own the private key, you have access to all of the funds associated with that wallet's public key, which is what is shown on the blockchain when recording transactions. The private key is then put through a mathematical function which produces a unique address called the public key, it is impossible due to the nature of this function to work back from the public key to the private key, which is why it is completely safe to publicly display your public key wherever you'd like.
Instead of a random seed, the private key would be your DNA sequence. This is a very unique way of ensuring addresses are never repeated, because DNA is never repeated. Due to the nature of hash functions, if your DNA is exactly the same as someone else's expect one molecule is different, the resulting public key would be entirely different. This is a very interesting implementation and worth mentioning.
In crypto, wallet addresses on many currencies including Bitcoin can be traced to the user with ease. Say Dan wishes to buy a new coffee table with his bitcoin, he goes to ikea.com and orders one with his wallet, and that transaction becomes public knowledge. No one can see his name on the blockchain, just his public address. But if a government suspects Dan is part of a terrorist sleeper cell, they can go to ikea with a warrant and force them to give up the order details of the coffee table he just purchased. Now they see he owns the wallet address used to pay for that coffee table because he told ikea ikea his address to ship the table to him and that address lines up with the one the government had in Dan's file.
This is not the only way, for example tracking transactions of fiat-to-crypto purchases facilitated by centralized exchanges. If you use Coinbase, Circle, or any other centralized intermediary for purchasing your crypto you muct fill out KYC forms. These forms are enforced by governments across the globe to keep track of the identities of the company's customers for this exact reason. If the government wishes to see who owns what address, they simply need to find out which exchange is providing them the crypto and serve them a warrant for the info.
For crypto exchanges and merchants the process is a bit different, but absolutely a form of blacklisting. If they find out someone they dislike uses a wallet on their platform, they need only isolate their address and put them on a blacklist of wallet addresses. From now on that user may not transact with that platform because their address is on a list of addresses they can refuse to offer services to.
Imagine a world in which people rely on their biometric wallet to transact. Purchasing groceries at the local supermarket is as simple as swiping your hand over an RFID chip reader, and the funds are deducted from your wallet instantly. If someone decides to dissent agaisnt their government, image how simple it would be to blacklist their wallet, and shut them out of the entire economy unless they conform to that government's rules.
For those of you reading that and saying "well I'm not a terrorist, so I need not worry", I'll remind you of the famous poem "First They Came For The Jews" by Martin Niemöller.
First they came for the Jews and I did not speak out because I was not a Jew.
Then they came for the Communists and I did not speak out because I was not a Communist.
Then they came for the trade unionists and I did not speak out because I was not a trade unionist.
Then they came for me and there was no one left to speak out for me.
Crypto was invented in 2008 amid a global financial crisis. It was created because the inventor realized that centralized authority over the payment channels used by everyone on the globe was a massive point of failure and gave rise to financial slavery with people locked into the single system for transacting which existed only through these central authorities. It was created to take the power away from the banks and institutions, and this system aims to give it right back to them, under the false guise of being a cryptocurrency system running on a blockchain. It is a wolf in sheep's clothing, just because a system uses a cryptographically secure method of record-keeping in the form of a blockchain does not make it open and decentralized.