Blog article
See all stories »

Democratic Identity Is The ID and Vote They Can't Steal

I've been busy lately pursuing Democratic Identity. DI.

Forget your regular ID, that's been stolen. It's been stolen by criminals and mismanaged by governments. The criminals are busy robbing computer users of an estimated $100 billion a year, and governments have failed to deliver any reliable identity to citizens.

It isn't the money that is the worst of it.

Current identity frameworks rely on having a machine to check someone's ID. Documents are useless and even electronic documents are little better, for governments that is, and for citizens they're completely useless. Unless you have a reader and access to the system, otherwise you are just a potential victim of someone who controls the ID machine and any scammer.

I think identity is tied to democracy. You need one to be counted. You also need, and have a right, to determine the identity of someone with whom you are interacting, even if they're a government official.

When I voted in a recent election, the process of taking (right word)  my vote was ridiculously flawed. It was a sham really. In the 21st century I had to go to the neighbourhood polling booth where supporters of various parties handed me paper voting recommendations. With my armful of paper I then went and had my name crossed off a paper list, went into a cardboard booth and used a pencil to mark two other pieces of paper and put them into a cardboard box. 21st century democracy?

Not for the trees.

Not really for me either.

I note that my name also appeared on other voter lists at other polling booths in nearby neighbourhoods. There was nothing stopping me from going to another booth and having another vote there.

I could also have gone and voted at the other booth pretending to be the person who voted before me when I voted. I overheard them give their name to the 'list ticker' and could easily have presented myself at another booth and said their name. I wasn't required to show any ID.

If I had Democratic Identity I could have used my mobile from home, saved a lot of trees, ensured I only had one vote and that no-one else could vote in my name, and it would have been less prone to manipulation.

I'm not about to suggest the government might 'rub out' my pencil vote on that piece of paper and tick their box, but it could easily happen. There would be fewer opportunities for mistakes and little opportunity for corruption. Democracy would be delivered. All we need is Democratic Identity.

DI the new ID - the one they can't steal.

Another little bonus will be that you may not need to carry any documentation. You'll also be able to verify your transactions, whether your bank wants you to or not. Just ask the merchant what he thinks of that.

You'll be able to verify your identity to anyone you choose, without giving away a single personal detail, and more importantly you'll be able to verify someone else's - everyone's.

The policeman will need to prove he's a policeman to check your identity and it won't matter if your jaw is wired up after your football game and you can't utter a word. It won't matter if you are a tourist in a foreign land and can't speak or understand a word of the language. It won't matter if you are deaf or blind or the policeman is in plain clothes.

It won't matter if you don't have a smart-card reader in your pocket.

Democratic Identity requires care in the roll-out but it can't be a 20 year project. Everyone needs it now.

It'll make us all safer, happier and ensure that we're counted, even those who can't stand up for themselves.

DI - the ID for democracy.

 

ps. Steve mentions Multiple ID's which sound like an even bigger headache than we have now.

The issue of democracy, or perhaps equality in ID is one of the most important aspects of the debate we need to have before we spend collective and countless billions on any 'solution'.

Everyone needs to be able to identify someone. I want my Mum to be able to check the credentials of the plumber before she opens the door to them. Unless she is going to get a smart card reader fitted to her front door as well, then what are the options? What does she already have which could be seconded to the task?

I don't know about you, but I'm well past the debate on whether a gadget and reader approach is at all practical.

I'm more interested in establishing what identity means and what rights we should have to protect and share it.

Not personal details. I plan to make them worthless. After all they're pretty useless and almost worthless now, seeing all that data is out there already.There is so much that the price has dropped, but that may be partly because the bank balances they target have too.

I know the focus is financial services, however financial services have to respond to consumer/customer needs, and if consumers decide they want ID then that is what they'll get and banks will have to adapt.

I notice McAfee has announced that many consumers are desperate enough to accept biometrics. A testament to the security industry's general failure.

They didn't quite put it that way, but perhaps they are leading towards offering a biometric solution ?

I have a feeling that in the short term both banks and governments may be a little more discerning, and I am certain of it in the long term.

I'm not exactly unfamiliar with biometrics and immediately exposed the weakness in a biometric system designed to protect nuclear facilities.  It was the latest high-tech infrared finger vein scanner card, and I recollect it took a few seconds and few cents to defeat it at first look. I'm happy to sell you a fingerprint lock, we have a biometrics company, although a door-lock can be fun, I'm the first to admit that biometrics are very limited in their application.

The good thing about the mobile is that it isn't limited, except perhaps by the imagination of the user, or service provider.

As for not giving away IP, get over it.  Perhaps your energy would be better spent providing proper answers to the questions and issues I've raised with biometrics and smart cards.

What does my Mum do Steve? Who is going to buy her, and every other grandmother, a reader? I've seen all sort of frankly flippant answers and none made any sense.

Explain the processes for individuals. What do we need to participate in the multiple identity card/reader solution? How does it help us interacting? Not just with the bank or the bus? You ignore many important identity occasions and don't have a solution for them. It is unrealistic and simply unworthy of promotion.

Perhaps a more open mind and a little more understanding of the many issues for consumers and citizens would see you agreeing that they too have a right to control their identity and test another's. Forget the multiple identity stuff, haven't you noticed how people dislike multiple passwords? Too hard. Do I have to pay for each alias?

Don't you get it?

The smart card crowd are living in denial. So what if you've issued a million cards, or 10 million, or a hundred million, they'll end up in the trash before those 3 billion plus mobiles do, and when they do they won't be replaced like the mobiles will.

Without a full understanding of the many complex issues involved with identity it is going to be difficult to understand the advantages of a particular solution. I don't mind admitting I fooled around with 'smart cards' a couple of decades back, but to me they made even less sense now than they did then, I had my mobile back then, but now so do you and almost everyone else. I am also involved with a biometric business, but every biometric solution has shortfalls that the mobile can cover at lower cost and with greater flexibility, and in the end why bother with the other gadgets when the mobile can do more?

For instance. Child care centres. How do they know who is authorised to pick up a child? What if someone else has to do it in an emergency?

I'd like Steve to explain the process.

I have a biometric solution but it fails when someone new tries to pick up a child, even if authorised. There has to be a fall-back. I see the mobile.

I ditch the biometrics and just use the mobile - less hassle, more convenient and flexible.

How would you do it with cards Steve? Explain the exception process, rather than the rule. New person in an emergency, lost card, fingerprint fingers in a cast? Reader broken?

While you are at it, explain how much it costs for the government to accurately audit the child care centre subsidy ? In real time.

Show me how cards don't just waste time and money.

That's why I am under-impressed with Visa and their solutions, after all they're not in the business of identifying the plumber to my Mum, so why would they even bother to create a solution for it? Same with banks. They can't justify spending on non-bank stuff either.

There are a million issues I haven't heard a smart card answer for, billion$ of reasons not to use cards, many issues which appear to not even have been considered, and most importantly billions of people without the means to to participate.

Explain away.

3307

Comments: (6)

Stephen Wilson
Stephen Wilson - Lockstep Group - Sydney 10 December, 2008, 04:11Be the first to give this comment the thumbs up 0 likes

 

Dean wrote:

"Forget your regular ID, that's been stolen. It's been stolen by criminals and mismanaged by governments."

We need some precision in this discussion.  It's very rare for criminals to steal an "identity" full stop. But they steal identifiers (plural) by the truck load. Card Not Present fraud is the classic example; it involves replaying a parcel of stolen identifiers and supporting data.  But taken together these data are not my "identity" in the sense that Dean uses in the rest of his post, which is mostly concerned with government identity.  Most "identity theft" is better understood as "identifier takeover". This semantic point is usually not worth worrying about, but when the discussion jumps from banking ID to government ID I think it's worth pointing out the technical differences.

Dean goes on to posit ...

"DI the new ID - the one they can't steal."

Unless Dean is willing now to talk turkey and explain how this works, the discussion remains worse than academic -- it's hyperbolic!  What sort of technology is so good that one can make the bald statement "the one they can't steal"?  Security 101 says 'No security technology is perfect'.

In reality, a safer approach is to have people maintain separate identities (or 'identifiers', or 'claims' to use the terminology of the Laws of Identity) each specific to a certain class of transactions. This isn't as hard as it might sound -- we do it today, seamlessly.  When I access my personal bank account, or my business bank account, or my health insurance, or my airline club, I use separate ids, almost instinctively.

Multiple ids means the compromise of one of the them won't ruin the rest of your life.

Cheers,

Stephen Wilson, Lockstep.

 

Stephen Wilson
Stephen Wilson - Lockstep Group - Sydney 10 December, 2008, 11:06Be the first to give this comment the thumbs up 0 likes

Gosh, so many red herrings, so many strawmen!

Multiple ID's ... sound like an even bigger headache than we have now.

Actually no, it's what we do now in the real world.  We use different IDs in different contexts, to minimise extraneous data disclosure.  Privacy 101.  Check out the Laws of Identity, some of the best thinking in this space for many years.

I want my Mum to be able to check the credentials of the plumber before she opens the door to them.

Correct -- she needs to know their credentials but not their singular identity!  Your mum has no right to know the plumber's singular identity.

Not personal details. I plan to make them worthless.

I would agree with you about making personal details worthless, but I find your 'solution' utterly impenetrable.  What is it, if it's not a universal global identifier on a phone?  How does that possibly work, and how is it unable to be stolen?

I'm not exactly unfamiliar with biometrics ...

I have no idea why you keep raising biometrics.

As for not giving away IP, get over it. 

Your opacity is not my problem, it's yours.  No security solution deserves consideration until it is open to review.  Your claims are hyperbolic, sometimes preposterous.  On what basis can anyone believe them?

What does my Mum do Steve? Who is going to buy her, and every other grandmother, a reader? 

It depends on what she is trying to do.  You've skimmed across the top of several utterly different trransactions.  Voting, banking and checking out the plumber are all totally different and require different solutions.  In my view, to do Internet banking and shopping, yes she probably needs a smartcard.  There are numerous ways to furnish readers.  In Taiwan, over 2,000,000 ordinary people have bought them for themselves.  My laptop has one built in.  In the US, new Dells have wireless readers built in.

Explain the processes for individuals. What do we need to participate in the multiple identity card/reader solution? How does it help us interacting? Not just with the bank or the bus? You ignore many important identity occasions and don't have a solution for them.

I am not the one advocating a single solution for all conceivable transactions.  I have a clear vision for how to fix identifier takeover on the Internet, with a specific focus on CNP fraud (and also G2C transactions).  I do not have any pretensions of revolutionising the way we interact with traffic cops, plumbers, or polling station workers. I am not even sure that these are pressing problems.

The smart card crowd are living in denial. So what if you've issued a million cards, or 10 million, or a hundred million, they'll end up in the trash before those 3 billion plus mobiles do, and when they do they won't be replaced like the mobiles will.

Huh?  Of course they will be replaced. Your figures are really rubbery. Nearly 1000,000,000 EMV cards have now been issued, and they're trending solidly towards replacing all mag stripe payment cards (I am not sure of that number but it's big).  These cards naturally get replaced every two or three years, for ever.  There are another several hundred million government ID and health smartcards already issued, with another billion on the horizon in India alone.

I don't mind admitting I fooled around with 'smart cards' a couple of decades back, but to me they made even less sense now than they did then, I had my mobile back then ...

Really?  In 1988?

For instance. Child care centres. How do they know who is authorised to pick up a child? What if someone else has to do it in an emergency?

I'd like Steve to explain the process.

Not my problem to explain Dean.  I haven't advocated using anything to authorise the collection of children; this is a hard problem and doesn't seem amenable to any one technology solution.  I steer clear of one-size-fits-all solutions.  These are your claims, so you might care to explain how a mobile phone will solve these problems.

How would you do it with cards Steve? Explain the exception process, rather than the rule. New person in an emergency, lost card, fingerprint fingers in a cast?

I have explained, in full, how we can solve CNP fraud, and how we can anonymise G2C transactions.  It's all on our website.  And we have nothing to do with biometrics, ever.  That's your strawman, not mine.

This debate is a bit of fun I suppose, but let's focus please.  Dean, you've made extraordinary claims for a mobile phone based solution in unlimited transaction settings.  It's supposed to save money, be absolutely resistant to theft, and be compatible with 3 billion handsets today.  You say it will do wonders in banking, healthcare, childcare, voting, policing and plumbing.  Be reasonable -- we just want to know how it works. 

Cheers,

Stephen Wilson, Lockstep.

 

 

A Finextra member
A Finextra member 10 December, 2008, 13:47Be the first to give this comment the thumbs up 0 likes

Well said Steve - I totally agree with your comments.

Peter

A Finextra member
A Finextra member 11 December, 2008, 06:30Be the first to give this comment the thumbs up 0 likes

Stephen I've looked at what you are doing and cannot see past the difficulty in becoming the repository of individuals's data.

'If all identifiers and personal data were safeguarded (by Stepwise), we could eliminate almost all forms of "ID theft" as we know it today.'

I placed the brackets in there.

I assume that no data can be safeguarded by any central repository. Can you give me an example of success?

Clearly if you put 5 objects in 5 'safe' places then it is possibly 5 times as difficult to gain them all.

A central repository of information only requires one corrupt person to penetrate it. At least 5 would be required if the data was in 5 pieces in 5 places for example.

Surely you can see that your approach actually increases risk!

Stephen Wilson
Stephen Wilson - Lockstep Group - Sydney 11 December, 2008, 07:24Be the first to give this comment the thumbs up 0 likes

Dean wrote:

Stephen I've looked at what you are doing and cannot see past the difficulty in becoming the repository of individuals's data. ... I assume that no data can be safeguarded by any central repository. ... Surely you can see that your approach actually increases risk!

Our approach doesn't store anything centrally; see the explanatory slide deck. I agree that no central repository should be considered secure.

So, what we do is allow transaction system designers to decide up front what really needs to be known about a customer in a given context, and then we put that discrete data under the control of its owner.  For instance, in a credit card transaction, the discrete data might just be the credit card number; for an e-health record entry, it might be a Unique Health Identifier (or a scheme-specific private identifier). Some call this data a "claim" or an "assertion"; usually it can be as simple as a numeric ID.

Technically, Stepwise secretes the minimum ID -- and nothing more -- as an anonymous digital certificate bound to a unique chip (which can be a smartcard or a SIM or an HSM or a USB crypto stick, anything so long as the private key is generated in the chip and remains there).  Then when the chip-owner 'presents' their ID they do so by creating a digital signature on a particular piece of transaction data, using that certificate. Because the private key and chip combination is unique, it is not possible for an outsider to take over an ID.  Nothing in the data stream can be stolen and replayed; to steal an ID, you need to steal the actual chip (and know its PIN). If desired, we can put multiple IDs on a chip, each ID secreted in its own certificate, and each invoked seamlessly according to context.  A typical smartcard can hold a dozen Stepwise IDs; a 3G SIM can hold scores of them.

So there is no centralisation of personal data.  Quite the opposite.  By allowing customers to present the bare minimum ID required for each transaction (and allowing merchants et al to have radically better confidence in the pedigree of IDs received), we can stem the flow of extraneous personal information.

A podcast of a live demo of the CNP application is available here.

Cheers,

Stephen.

 

 

A Finextra member
A Finextra member 12 December, 2008, 00:13Be the first to give this comment the thumbs up 0 likes

As for 'The Laws Of Identity', we're light years ahead of what is a very basic concept and good first glance.

Why do you think I'm so confident and not knocking on the doors of banks? If you knew exactly what we are up to you'd either be copying it or calling your government representative and demanding an immediate roll-out.

Retired Member

Member since

19 Mar 2009

Location

Blog posts

6,066

Comments

6,309

This post is from a series of posts in the group:

Whatever...

A place to share stuff that isn't at all fintec related but is amusing, absurd or scary.


See all