Last week, identity verification and authentication startup World (which was cofounded by OpenAI cofounder Sam Altman) announced that it is broadening operations of its Orb device in the US. The Orb is a large-form-factor iris scanner device that also has a mobile-phone-size counterpart. Orb provides proof-of-human authentication and liveness detection mainly for Worldcoin users. Stripe payment ecosystem integration with Worldcoin is also planned.

Orb faces several challenges that will hamper its ability to gain broader consumer adoption, including:

  • A required mobile-side sensor on the user’s device. Most identity verification and authentication schemes leverage mobile-device-native, consumer-grade sensors (e.g., a camera, fingerprint reader, microphone, accelerometer, or GPS). Orb adds a requirement for a nonstandard iris scanner, meaning extra hardware and software costs and integration. Traditionally, customers have been unwilling to pay for such features (see Microsoft InfoCard). Without a reliable readily available mobile-phone-integrated sensor, identity verification and authentication use cases are limited. Customers cannot scan their passports, faces, or fingerprints in preparation (e.g., registration, ticket purchasing, checking bags, or entering airports) for air or train travel. Without consumer-side preregistration, using biometrics (including iris scanners) also creates scalability and throughput problems (read: “massive lines”).
  • Iris scanning accuracy that is sensitive to alcohol consumption. Studies show that with alcohol consumption causing the pupil to dilate, iris scanning may be leading to false rejects in situations when the subject has consumed alcohol. Eye disorders may also reduce the accuracy rate of iris recognition.
  • Privacy concerns. Like with other biometrics, iris scanning collects unalterable personal biometric data, or at least an encrypted version of it, for registration time storage and later comparison with authentication time data. While the Orb claims to delete the image immediately, privacy advocates argue that the data collected is still private and that conditions and rules around its use are unclear.
  • Hackable iris scanning. In addition, iris scanning security is vulnerable to simple presentation attacks. In 2016, the Galaxy Note 7 smartphone debuted with an integrated iris scanner that got hacked in a year by using a photo of the victim’s eyes and placing a contact lens between the photo and the iris scanner, which fooled the scanner.
  • Regulatory obstacles and bans. In response to watchdog organizations’ complaints, some countries (including Brazil, Colombia, Germany, India, Kenya, Portugal, South Korea, and Spain, as well as special administrative region Hong Kong) have already banned the use of the Orb or Worldcoin or both.
  • Orb being centralized and therefore not linked to government-issued identities. Many governments are working to issue online and physically usable natively digital identity documents (e.g., national IDs, driver’s licenses, or passports). The Orb and Worldcoin’s identity system is largely unrelated to these schemes. This means that virtual asset service providers such as Coinbase still have to perform a know-your-customer process using traditional methods (like government-issued physical or digital identity document-based verification) before allowing the customer to register using the Orb. Lastly, the Orb ecosystem and architecture are centralized and have limited utility for non-Worldcoin use cases.