Privacy Preserving Consent-Based Identification Application
Our rejected NSF application we submitted on 9/11/2024
Many of you all might remember when we submitted for a National Science Foundation grant only to be rejected shortly thereafter. What you didn’t know is what was in the grant application. Since we are no longer using the codebase, which is disclosed in the application, I feel it’s time to add it to the company history. If you have ever been rejected as a startup, we can relate.
1. The Technology Innovation
Mass Address proposes the development of a privacy preservation platform, aimed at addressing the critical challenge of securely sharing identification. This concept leverages distributed networks and cloud computing to store and manage personally identifiable information (PII) in a secure and decentralized manner. The technical innovation is a theoretical architecture that fragments PII into individual pieces, each stored on separate servers within the Google Cloud Platform (GCP), managed by different legal entities. This approach ensures that no single entity would have access to the entirety of any individual’s identity, significantly enhancing privacy protections.
The origins of this proposed theory stem from the 2017 Equifax data breach, where the personal identities of over 140 million individuals, including my own, were stolen. This breach exposed the vulnerabilities of centralized identity management systems. Additionally, inspiration was drawn from the U.S. Department of Defense Special Access Program, which compartmentalizes classified information so that no one person involved in a project or operation has access to the complete picture. Similarly, this theoretical solution would fragment identities to reduce the risk of data exposure.
This proposed solution is high-risk because it introduces a novel, unproven approach to decentralized identity management. A major challenge to validating this theory is whether state governments and other entities would be willing to manage the nodes responsible for storing fragmented identity data. The complexity of coordinating across multiple legal entities, along with technical concerns around data retrieval and privacy, adds significant risk. However, the potential to redefine how personal information is protected presents a compelling high-reward opportunity, aligning with NSF’s focus on supporting early-stage, high-impact innovations.
At the heart of this theoretical framework is the concept of the “singularity,” which would represent a person’s unified, authenticated identity, verified by state and federal agencies. After authentication, the PII would be fragmented and stored on separate servers, becoming immutable and read-only. Access to this singularity would be controlled solely by the identity owner, ensuring maximum privacy and security.
In Phase I, we seek to validate the feasibility of this privacy-preserving approach by conducting research and development on the technical challenges involved in its implementation. This includes evaluating its potential application in critical sectors such as traffic management and safety. If the concept proves viable in this domain, we aim to explore broader use cases in healthcare, finance, and government services. Our goal is to move beyond the theoretical stage and develop a groundbreaking privacy preservation application, which would set a new standard for data privacy and security in digital infrastructure.
Mass Address’s focus is on advancing a consent-based identification model, which protects privacy while fostering trust in digital transactions. Phase I will concentrate on researching and validating the pain points and technical challenges involved in this concept, with the long-term aim of building a fully functional privacy-preserving application.
2. Technical Objectives
The primary objective of this Phase I project is to research and validate the technical feasibility of a privacy-preserving application, with a focus on scalability, security, and adaptability across various sectors. Our goal is to prove that this unproven concept of fragmented PII storage can serve as the foundation for a decentralized identity management system. The key technical objectives and challenges are as follows:
1. Privacy-Preserving Data Fragmentation and Distribution:
Objective: Research and develop the theoretical architecture required for a system capable of fragmenting and distributing PII across multiple servers, each governed by different legal entities, while maintaining the integrity and security of the data.
Technical Approach: We will measure transactional costs across a distributed network configuration on Google Cloud Platform (GCP) to determine whether the infrastructure can securely separate and reassemble encrypted identification.
Hypotheses to Test:
- Is the transactional cost between nodes low enough to make this a feasible enterprise-level identity application?
- Can GCP handle the necessary data distribution and security protocols, or will we need to explore alternative cloud platforms or even custom hardware solutions to support this technology?
Expected Outcome: We aim to demonstrate that the proposed architecture can efficiently fragment and distribute large datasets containing complex identities across multiple servers while maintaining privacy, all without incurring prohibitive costs. We will also explore whether GCP is the optimal platform for this system, or whether other infrastructure options need to be considered.
2. Security and Authentication Mechanisms:
Objective: Experiment with security features in the singularity creation process by testing various cryptographic techniques and multi-factor authentication.
Technical Approach: We will examine encryption methods such as homomorphic encryption to ensure PII remains protected during both computation and transfer. We will also test a multi-layered authentication system involving biometric data and real-time validation with federal and state databases.
Hypotheses to Test:
- Can storing fragmented identities actually protect them against a white-box penetration test? This will validate or challenge the assumption that fragmenting data across multiple entities enhances its security, even when the system is subject to internal threats or adversaries with knowledge of the system’s inner workings.
Expected Outcome: A validated security model that ensures the privacy and integrity of PII from the moment of its creation, through storage and access. This includes testing the ability of fragmented storage to withstand sophisticated penetration testing, ensuring the system can maintain its integrity against known attack vectors.
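The fragmentation idea and the white-box hypothesis above can be made concrete with an added example, which is not part of the submitted application or of the Mass Address codebase. It contrasts field-per-node fragmentation, where each custodian still reads its field in the clear, with n-of-n XOR secret splitting, a technique swapped in here for illustration that the application does not specify. The node names, record fields and values are constructed.

```python
import secrets

# Constructed sample record; field names and values are illustrative only.
RECORD = {"name": "Jane Q. Sample", "dob": "1980-01-01", "id_number": "000-00-0000"}
# Hypothetical custodian nodes, one per legal entity.
NODES = ["node_a", "node_b", "node_c"]

def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def split_value(value: bytes, n: int) -> list[bytes]:
    """n-of-n XOR split: n-1 random pads plus one share that XORs back to value."""
    shares = [secrets.token_bytes(len(value)) for _ in range(n - 1)]
    last = value
    for share in shares:
        last = xor_bytes(last, share)
    return shares + [last]

def combine(shares: list[bytes]) -> bytes:
    """XOR all shares together; only the full set yields the original value."""
    out = bytes(len(shares[0]))
    for share in shares:
        out = xor_bytes(out, share)
    return out

def fragment_record(record: dict, nodes: list[str]) -> dict:
    """Return {node: {field: share}}; every node holds one share of every field."""
    stores = {node: {} for node in nodes}
    for field, value in record.items():
        for node, share in zip(nodes, split_value(value.encode(), len(nodes))):
            stores[node][field] = share
    return stores

def reassemble(stores: dict, nodes: list[str]) -> dict:
    """Rebuild the record; requires the stores of all nodes."""
    fields = stores[nodes[0]].keys()
    return {f: combine([stores[n][f] for n in nodes]).decode() for f in fields}

def naive_field_split(record: dict, nodes: list[str]) -> dict:
    """Field-per-node fragmentation: each custodian sees its field in the clear."""
    return {node: {field: value} for node, (field, value) in zip(nodes, record.items())}

if __name__ == "__main__":
    stores = fragment_record(RECORD, NODES)
    print("node_a holds:", stores["node_a"])               # random-looking bytes
    print("reassembled:", reassemble(stores, NODES))       # original record
    print("naive node_c:", naive_field_split(RECORD, NODES)["node_c"])  # readable
```

Each XOR share still reveals the length of the field it belongs to, and losing any one node makes the record unrecoverable, so an availability requirement would call for a threshold scheme instead.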
3. Market Opportunity
A consent-based, privacy-preserving application is poised to address growing concerns around data privacy, identity theft, and the secure management of personal information across a variety of industries. The increasing prevalence of cyberattacks and the growing complexity of regulatory frameworks like GDPR, CCPA, and other privacy laws have created significant demand for innovative solutions that can both protect privacy and enable secure, reliable identity management. We believe our proposed solution offers a revolutionary approach to these challenges, and several key markets represent substantial opportunities for its adoption.
- Traffic Management and Public Safety
The initial research focus for a consent-based identity solution is the traffic management sector, a market ripe for innovation, particularly in the realm of secure, decentralized identity management. As cities adopt smarter traffic control systems, the need for secure, verifiable, and privacy-preserving identification of vehicles, drivers, and traffic controllers is becoming increasingly important. According to recent studies, the global smart transportation market is projected to reach $285 billion by 2030, driven by the demand for improved safety, efficiency, and data-driven management of traffic. Our proposed idea could provide a unique solution for this market by enabling secure identity verification for all entities involved in traffic management while preserving individual privacy through its decentralized architecture.
If successful, we anticipate strong interest from municipalities, state agencies, and private transportation companies seeking to enhance their operations while maintaining regulatory compliance and public trust.
Evidence of Market Interest and Support
To date, we have raised $9,570 from private investors to support our research, demonstrating early-stage financial backing for this concept. Additionally, 59 people are actively following our research online, showing public interest in the development of a privacy-preserving identification system. Our founder, Edward Hood, has a professional following of 1,595 individuals on LinkedIn, further indicating a strong base of potential supporters, collaborators, and future adopters of the technology.
4. Company & Team
Mass Address Incorporated, founded in 2016 by Edward W. Hood, a cybersecurity professional with over 23 years of experience in managing mission-critical IT services, is dedicated to developing a secure, privacy-preserving identity management solution. The company’s consent-based concept aims to revolutionize how personal data is stored, shared, and secured, though further research is required to validate its feasibility.
Florida Agricultural and Mechanical University (FAMU) is a key strategic partner in this project. As a leading Historically Black College and University (HBCU) with a strong reputation in cybersecurity research and a commitment to diversity in STEM, FAMU brings valuable expertise to this collaboration. Its College of Science and Technology, particularly the Department of Computer Information Systems, has made significant contributions to privacy-preserving technologies and decentralized systems, directly aligning with the project’s goals.
Led by Dr. Samuel Kofi Erskine, Assistant Professor of Cybersecurity and Principal Investigator, FAMU’s research team will apply its expertise in privacy frameworks and cryptography to ensure rigorous technical validation of this project. Dr. Erskine’s focus on safeguarding digital identities and building scalable privacy-preserving systems is crucial to the project’s success.
With FAMU’s support, Mass Address will address challenges in scalability, security, and adaptability across key sectors such as traffic management, healthcare, and finance, benefiting from FAMU’s commitment to solving real-world challenges through cutting-edge research.
Conclusion:
Our proposal seeks to explore and validate a wide range of market opportunities, starting with a focus on traffic management and safety, and extending to high-demand sectors such as healthcare, finance, and government services. The project’s theoretical privacy-preserving architecture and scalable design envision it as a high-impact solution in industries where secure identity management is essential. With tightening regulatory requirements surrounding data privacy and a growing public demand for privacy-preserving technologies, this concept is poised to potentially capture significant market share and lead in decentralized identification management.


