I've been busy lately pursuing Democratic Identity. DI.
Forget your regular ID, that's been stolen. It's been stolen by criminals and mismanaged by governments. The criminals are busy robbing computer users of an estimated
$100 billion a year, and governments have failed to deliver any reliable identity to citizens.
It isn't the money that is the worst of it.
Current identity frameworks rely on having a machine to check someone's ID. Documents are useless and even electronic documents are little better, for governments that is, and for citizens they're completely useless. Unless you have a reader and access to
the system, otherwise you are just a potential victim of someone who controls the ID machine and any scammer.
I think identity is tied to democracy. You need one to be counted. You also need, and have a right, to determine the identity of someone with whom you are interacting, even if they're a government official.
When I voted in a recent election, the process of taking (right word) my vote was ridiculously flawed. It was a sham really. In the 21st century I had to go to the neighbourhood polling booth where supporters of various parties handed me paper voting recommendations.
With my armful of paper I then went and had my name crossed off a paper list, went into a cardboard booth and used a pencil to mark two other pieces of paper and put them into a cardboard box. 21st century democracy?
Not for the trees.
Not really for me either.
I note that my name also appeared on other voter lists at other polling booths in nearby neighbourhoods. There was nothing stopping me from going to another booth and having another vote there.
I could also have gone and voted at the other booth pretending to be the person who voted before me when I voted. I overheard them give their name to the 'list ticker' and could easily have presented myself at another booth and said their name. I wasn't
required to show any ID.
If I had Democratic Identity I could have used my mobile from home, saved a lot of trees, ensured I only had one vote and that no-one else could vote in my name, and it would have been less prone to manipulation.
I'm not about to suggest the government might 'rub out' my pencil vote on that piece of paper and tick their box, but it could easily happen. There would be fewer opportunities for mistakes and little opportunity for corruption. Democracy would be delivered.
All we need is Democratic Identity.
DI the new ID - the one they can't steal.
Another little bonus will be that you may not need to carry any documentation. You'll also be able to verify your transactions, whether your bank wants you to or not. Just ask the merchant what he thinks of that.
You'll be able to verify your identity to anyone you choose, without giving away a single personal detail, and more importantly you'll be able to verify someone else's - everyone's.
The policeman will need to prove he's a policeman to check your identity and it won't matter if your jaw is wired up after your football game and you can't utter a word. It won't matter if you are a tourist in a foreign land and can't speak or understand
a word of the language. It won't matter if you are deaf or blind or the policeman is in plain clothes.
It won't matter if you don't have a smart-card reader in your pocket.
Democratic Identity requires care in the roll-out but it can't be a 20 year project. Everyone needs it now.
It'll make us all safer, happier and ensure that we're counted, even those who can't stand up for themselves.
DI - the ID for democracy.
ps. Steve mentions Multiple ID's which sound like an even bigger headache than we have now.
The issue of democracy, or perhaps equality in ID is one of the most important aspects of the debate we need to have before we spend collective and countless billions on any 'solution'.
Everyone needs to be able to identify someone. I want my Mum to be able to check the credentials of the plumber before she opens the door to them. Unless she is going to get a smart card reader fitted to her front door as well, then what are the options?
What does she already have which could be seconded to the task?
I don't know about you, but I'm well past the debate on whether a gadget and reader approach is at all practical.
I'm more interested in establishing what identity means and what rights we should have to protect and share it.
Not personal details. I plan to make them worthless. After all they're pretty useless and almost worthless now, seeing all that data is out there already.There is so much that the price has dropped, but that may be partly because the bank balances they target
have too.
I know the focus is financial services, however financial services have to respond to consumer/customer needs, and if consumers decide they want ID then that is what they'll get and banks will have to adapt.
I notice McAfee has announced that many consumers are desperate enough to accept biometrics. A testament to the security industry's general failure.
They didn't quite put it that way, but perhaps they are leading towards offering a biometric solution ?
I have a feeling that in the short term both banks and governments may be a little more discerning, and I am certain of it in the long term.
I'm not exactly unfamiliar with biometrics and immediately exposed the weakness in a biometric system designed to protect nuclear facilities. It was the latest high-tech infrared finger vein scanner card, and I recollect it took a few seconds and few cents
to defeat it at first look. I'm happy to sell you a fingerprint lock, we have a biometrics company, although a door-lock can be fun, I'm the first to admit that biometrics are very limited in their application.
The good thing about the mobile is that it isn't limited, except perhaps by the imagination of the user, or service provider.
As for not giving away IP, get over it. Perhaps your energy would be better spent providing proper answers to the questions and issues I've raised with biometrics and smart cards.
What does my Mum do Steve? Who is going to buy her, and every other grandmother, a reader? I've seen all sort of frankly flippant answers and none made any sense.
Explain the processes for individuals. What do we need to participate in the multiple identity card/reader solution? How does it help us interacting? Not just with the bank or the bus? You ignore many important identity occasions and don't have a solution
for them. It is unrealistic and simply unworthy of promotion.
Perhaps a more open mind and a little more understanding of the many issues for consumers and citizens would see you agreeing that they too have a right to control their identity and test another's. Forget the multiple identity stuff, haven't you noticed
how people dislike multiple passwords? Too hard. Do I have to pay for each alias?
Don't you get it?
The smart card crowd are living in denial. So what if you've issued a million cards, or 10 million, or a hundred million, they'll end up in the trash before those 3 billion plus mobiles do, and when they do they won't be replaced like the mobiles will.
Without a full understanding of the many complex issues involved with identity it is going to be difficult to understand the advantages of a particular solution. I don't mind admitting I fooled around with 'smart cards' a couple of decades back, but to me
they made even less sense now than they did then, I had my mobile back then, but now so do you and almost everyone else. I am also involved with a biometric business, but every biometric solution has shortfalls that the mobile can cover at lower cost and with
greater flexibility, and in the end why bother with the other gadgets when the mobile can do more?
For instance. Child care centres. How do they know who is authorised to pick up a child? What if someone else has to do it in an emergency?
I'd like Steve to explain the process.
I have a biometric solution but it fails when someone new tries to pick up a child, even if authorised. There has to be a fall-back. I see the mobile.
I ditch the biometrics and just use the mobile - less hassle, more convenient and flexible.
How would you do it with cards Steve? Explain the exception process, rather than the rule. New person in an emergency, lost card, fingerprint fingers in a cast? Reader broken?
While you are at it, explain how much it costs for the government to accurately audit the child care centre subsidy ? In real time.
Show me how cards don't just waste time and money.
That's why I am under-impressed with Visa and their solutions, after all they're not in the business of identifying the plumber to my Mum, so why would they even bother to create a solution for it? Same with banks. They can't justify spending on non-bank
stuff either.
There are a million issues I haven't heard a smart card answer for, billion$ of reasons not to use cards, many issues which appear to not even have been considered, and most importantly billions of people without the means to to participate.
Explain away.