If you hear privacy and your first thought is laborious processes and access management, this interview may be just as mind-expanding for you as it was for our host Pascal. He is joined by Alex and Haozhi who talk about the Anonymous Credential Service (ACS), a highly available multitenant service that allows clients to authenticate in a de-identified manner. They discuss the cryptographic primitives powering the service and the various challenges they encountered scaling it to support Meta's products.

Got feedback? Send it to us on Twitter (https://twitter.com/metatechpod), Instagram (https://instagram.com/metatechpod) and don’t forget to follow our host @passy (https://twitter.com/passy and https://mastodon.social/@passy). Fancy working with us? Check out https://www.metacareers.com/.

Links

• How Meta enables de-identified authentication at scale - https://engineering.fb.com/2022/03/30/security/de-identified-authentication-at-scale/

• Open-sourcing Anonymous Credential Service - https://engineering.fb.com/2022/12/12/security/anonymous-credential-service-acs-open-source/

• ACS on GitHub - https://github.com/facebookresearch/acs

• ReactJS - The Documentary - https://www.youtube.com/watch?v=8pDqJVdNa44

Timestamps

• Intro 0:12

• Alex and Haozhi Intro 1:22

• Cryptography and Privacy 2:47

• Team Mission 3:35

• Data Minimisation 4:28

• PETs 5:13

• Why authenticate? 8:39

• ACS under the hood 10:06

• ACS Architecture 16:02

• Challenges 21:03

• ACS in Open Source 26:36

• Key-Derivation Functions 29:22

• How to get started 32:10

• Outro 33:47

• Bloopers 34:29