User Centric is here to stay

I came across the following exchange on the ID Workshop discussion list.

First up was Brett McDowell of the Liberty Alliance:

I've just started looking for the follow-on thread I was expecting out of the “User Centric” session Dick led in Vancouver. I don't see it. Has that happened yet?

I was expecting an email that captured the consensus we had and a list of new “titles” for what I call “the identity management architecture formerly labeled ‘user-centric’ which is to be renamed in acknowledgement that at least two architectural models are appropriately labeled ‘user-centric'” (one model being a “user-centric deployment of Federation” and the other model being “TBD”… but it is what SXIP does).

That was our consensus view at the well-attended Vancouver session and I'm keen to participate on the naming exercise for the other architecture.

For more background read the wiki notes here. (note I'm not sure attendees are done tweaking these notes yet so they may not yet represent a true consensus but they are helpful now nonetheless):

So, Dick… are you going to kick this off? (or did I just miss it?)

Brett's challenge was directed at Dick Hardt, the amiable CEO of SXIP who understands better than any of us how to explain digital identity to a broad audience. (If you don't know him or forget how powerful his message is, make sure you look at this.)

After reviewing the meeting and looking at the graphics that were drawn, I think that user-centric might be the right term. The term has a fair amount of market awareness already and is being used to convey a model that is different from Federation.

I think User-centric means that each site trusts the user, and the user is free to choose any identity agent that provides the appropriate technical functionality. Federations are where a set of sites have decided to trust each other and the user has a relationship with one of those sites, which can then be communicated to the other sites.

This does NOT mean that “federation technologies” cannot be deployed in a user-centric manner.

Hopefully being August, the signal to noise ratio on any ensuing discussion will be high, but that may be wishful thinking.

I agree with Dick on this one, and don't really understand why Brett wants to fold user-centricity and federation into a single axis.  They are orthogonal. 

Federation technologies aim at helping internet portals, their suppliers, and their enterprise customers (businesses or government) to digitally identify the subjects of their business transactions. This might or might not involve “users” in the conventional sense.

User-centric technology aims at helping individual people organize their relationships with many different and unrelated portals and internet sites – contact relationship management for individuals, as Doc Searls once said.

So in my view we are likely to have individuals employing user-centric technology to organize their relationships with federations.  There is no contradiction here, and no need to get rid either of the notion of the user-centric, or of the idea of federation.

The individual needs – and has a right to – technology that represents her.  The individual hasn't really been a factor in the identity equation until recently – she has simply been whatever some domain says she is.  That's changing.  User-centric technology delivers those changes.

Tales from beyond the crypt

Just when I was ready to drop the whole British ID Card thing and head back to the beach, a reader sent me this link to a piece by Gaby Hinsliff, political editor of the Observer.

Gordon Brown is planning a massive expansion of the ID cards project that would widen surveillance of everyday life by allowing high-street businesses to share confidential information with police databases.

Far from intending to dump ID cards once he is in Downing Street, Brown is quietly studying how biometric technology – identifying people by unique markers such as fingerprints and iris patterns – could be expanded over the next 20 years to fight crime.

Police could be alerted instantly when a wanted person used a cash machine or supermarket loyalty card. Cars could be fingerprint-activated, making driving bans much harder to disobey.

The plan would make the ID cards scheme cheaper, since companies would pay for access to the national identity register – a government database of biometric information being compiled for the ID cards programme. Brown's plans belie reports that the Treasury, concerned about the cost of ID cards, would ditch them when he became Prime Minister. ‘It's almost the opposite – Gordon's thinking about ID cards is that it's part of the answer but there's a much wider picture,’ said a source close to him.

There are serious questions about the existing ID cards project – designed primarily for immigration control. The Commons’ science and technology select committee last Friday said it was still unclear how cards would be used or what data would be revealed, while a Home Office consultation with the IT industry – to be published this month – is expected to argue that the cards should be phased in so that technical glitches can be sorted out.

Brown has set up a taskforce, under former HBOS bank chief executive Sir James Crosby, on identity management, and a broader review of public services, led by Sir David Varney, on optimising use of existing identity information. He is considering a fundamental redesign of the ID project to fight a wider range of crime. He believes that, as private companies acquire biometric security systems, their spread in daily life is inevitable.

'There is going to be a key issue over the next 10 to 15 years about identity management right across the public and private sectors,’ said the source close to Brown, adding that immigration control would be only part of it. ‘It's about people coming to accept that this is not only a necessary but desirable part of modern society over the next 10 years. What [the Tories] are objecting to in the political sphere is going to be absolutely commonplace in the private sphere and saying “it's not the British way” is just not going to work.’

Brown believes that, if myriad private databases develop, there is a risk that information will leak or be stolen. The Crosby review is looking at safeguards.

Critics said the ID cards project was already too troubled to be expanded. ‘It's a pretty shoddy way of cutting the costs, and it doesn't really alter the fact that all the signs are Whitehall is simply not in a position to deliver even the early stages of an ID card,’ said Nick Clegg, the Liberal Democrat spokesman for home affairs. He said giving the private sector access to centralised databases was a big step towards ‘a full surveillance state’.

David Davis, the shadow home secretary, said: ‘This is an admission that the government's ID card system as it stands is destined to fail without something else to prop it up. It is regrettable that what the government is proposing will actually worsen the assault on privacy without materially improving security.’

Tony Blair's insistence on Thursday that ID cards would be a ‘major plank’ of the next Labour manifesto was seen as an effort to tie Brown into the idea, but it appears Brown is already committed.

The Observer recently disclosed that the company analysing police DNA samples was storing them, despite assurances they would not stay in private hands. However, sharing biometric data with high-street companies would be even more controversial.

If anyone reading this knows Mr. Brown's private source, and if this is what he actually said, could you please mention that in the private sector we actually try really hard not to alienate our customers.  We try to do the things they will want us to do, that they will thank us for having done.  I for one don't have a clue how or why a company like mine would want to be associated with the type of relationship proposed above.  To me it sounds really goofy.

This ID card discussion as presented here needs a complete reset. It's time to reboot, to install a new BIOS.

Let's start all over, and begin by protecting the security of our citizens.  What is privacy except security from the point of view of the individual?  Protecting individual privacy will do more to secure the state than anything else that can be attempted – because it will result in well-designed systems that are impossible for enemies to penetrate.

New British report on identity card technologies

There is a new report by the British House of Commons Science and Technology Committee entitled “Identity Card Technologies: Scientific Advice, Risk and Evidence”.

For those new to this blog, the ongoing discussion of a British Identity Card interests me not only because of what it means for Britain's future, but because it is a crucible in which to watch the Laws of Identity play themselves out. The initial proposal broke a number of them – with, so far, the predicted results.

Here is the summary from the multi-party Committee's report:

This Report is the final of three case studies considering the Government’s treatment of scientific advice, risk and evidence. It focuses upon the Home Office’s identity cards scheme, which uses various technologies including biometrics, information and communication technology (ICT) and smart cards. We considered this scheme in order to explore the ways in which scientific advice, risk and evidence could be managed in relation to technologies that are continually developing.

This inquiry has found several areas in which the Home Office’s treatment of scientific advice and evidence appears to be following good practice: the establishment of advisory committees, the use of Office of Government Commerce (OGC) Gateway Reviews and the development of risk management strategies are examples. We welcome the Home Office’s commitment to implementing the scheme gradually rather than using a “big bang” approach, which could jeopardise the success of the programme.

We have also identified weaknesses in the use of scientific advice and evidence. We are disappointed with the lack of transparency surrounding the incorporation of scientific advice, the procurement process and the ICT system.

Potential suppliers are confused about the extent to which the scheme will be prescriptive and when technical specifications will be released. Whilst the Home Office has attempted to consult the wider community, stakeholders have complained that consultations have been unduly limited in scope and their objectives have been unclear.

As a result, the wider community does not have the level of confidence in the scheme that could reasonably be expected at this stage. Whilst the Home Office has determined some aspects of the scheme such as the biometrics, it has left other aspects such as the structure of the database undetermined. Its decisions demonstrate an inconsistent approach to scientific evidence and we are concerned that choices regarding biometric technology have preceded trials. Given that extensive trialling is still to take place, we are sceptical about the validity of costs produced at this stage. We note the danger of cost ceilings driving the choice of technology and call for the Home Office to publish a breakdown of the technology costs following the procurement process.

The identity cards scheme has at least another two years before identity cards begin to be introduced and the scheme has not yet entered its procurement phase. There is still time for the Home Office to make alterations to its processes. We encourage the Home Office to seek advice on ICT from senior and experienced professionals and to establish an ICT assurance committee.

Whilst biometric technology is an important part of the scheme, it must not detract from other aspects of the programme, in particular ICT. It is crucial that the Home Office increases clarity and transparency across the programme, not only in problem areas. We also emphasise that if evidence emerges that contradicts existing assumptions, changes must be made to the programme even if the timescale or cost of the project is extended in consequence.

Peddalo sir? Of course, just leave me your ID card …

Being on vacation, surrounded by bizarre identity phenomena, I liked this post by Jerry Fishenden, Microsoft's National Technology Officer in Britain:

If anyone doubts the extent to which ID cards will be demanded for the most trivial of reasons, my recent experiences on holiday in the Ardennes amused me. On going to hire a peddalo on a lake for myself and my family to inflict some gratuitous self-humiliation on ourselves, I was asked for my ID card.

“I don't have an ID card”, I explained – at which point they asked for my passport. Which I was not carrying with me.

Oh uh – it was not looking good. Was I going to be prevented from some harmless family entertainment on the lake due to the lack of a proper identity document? I couldn't but help observing beside the cash till (in full public view and easy reach) a collection of ID cards and passports provided by other peddalo tourists.

However, it turned out that they wanted the ID card/passport from me purely as some sort of surety for the hire of the peddalo. I negotiated a cash deposit of 15 Euros instead.

But the episode did highlight to me the risks involved with any ID card that has physically printed on it a wide range of sensitive personal information – who knows what some unscrupulous peddalo hirer might do with that useful information whilst it is in their custody? Let alone someone with a more serious criminal intent.

Even odder, on returning the padlock key for the peddalo after completion of a few half-hearted circum-navigations of the lake, I was offered a choice of ID cards and/or passports to take from the pile beside the till. Until I reminded them that I only needed my 15 Euros returned – not someone else's identity document (kind as it was of them of course to offer me alternative identity documents – and free of charge at that).

The ease with which anyone with an ID card or passport meekly complied with the request and handed them over to a peddalo-hiring stranger also illustrates the extent to which people become complacent about where and who asks for such credentials. Of course, happily most of the time the people that ask us will have the best of intentions. But we still need to design our identity documents with the assumption they do not.

All the more important then that we have the time to ensure any ID card (and the personal information it provides access to) is designed to protect us against casual acquisition and misuse.

While you are pondering this one, take a look at Jerry's very thought-inducing piece, “biometrics: enabling guilty men to go free? Further adventures from the law of unintended consequences”.

He focusses on the fact that biometrics are progressively becoming public information, as are many other aspects of our identity.  Because they are being stored in an ever-widening circle of computer systems and without serious security precautions, they may in fact lose the power to convince and convict.  We need to understand these issues if we are to understand the role of biometrics in identity.

The law of unintended consequences seems to be making itself felt a lot these days.

 

Will industry rescue the identity card?

IT Week recently ran a story quoting Simon Davies, director of Privacy International, that has raised an eyebrow or two in the blogosphere.

Industry may need to lead the way if the UK is ever to get a national identity card scheme that can deliver significant security and efficiency benefits.

That is the view of Simon Davies, one of the academics behind the London School of Economics’ controversial report last year on the cost and viability of the government’s ID card scheme. Davies told IT Week that now leaked emails from Whitehall officials have revealed their doubts about the viability of the scheme, the private sector may have to step in to save the project.

“I’ve believed for some months that a ‘white knight’ consortium from industry is needed,” Davies said. “Companies that can see the benefits of the ID card idea should approach the government about effectively taking over the project.”

The Home Office has long argued that the introduction of ID cards will deliver many business benefits, such as more efficient identity verification processes, less fraud, and more secure e-business transactions, and has maintained that it has been working closely with business leaders about how the technology should be used.

Speaking in her office at the newly formed Identity and Passport Service (IPS) earlier this year, Katherine Courtney, director of business development for the government’s ID card scheme, argued that while much of the coverage of ID cards has focused on the ability to tackle fraud and terrorism, it will also deliver such significant business benefits that “we will all be asking ourselves in 10 years’ time how we ever got along without them”.

Courtney added, “Because of the mobility of society and the development of the digital economy, people are leading more complicated lives and want to be able to conduct their personal administration more easily and out of office hours. These changing social trends mean that the capability to prove your identity is vital and this scheme will deliver the enabling technology [to do that].”

The Home Office is talking to public-sector bodies, such as the police and the NHS, and private firms, including banks, retailers, e-businesses and other large employers, about how they could use ID cards. The theory is that if everyone has a national identity card that can be checked against a central register containing biometric and personal details, tapping in a personal PIN code or undergoing a biometric scan will quickly replace the need to photocopy utility bills or show a passport for tasks such as enrolling for a doctor or applying for a loan.

Perhaps unsurprisingly, firms have broadly welcomed plans that the Home Office estimates will save the private sector £425m a year through streamlined identity verification processes and reduced exposure to fraud. In fact, these benefits could prove so significant that organisations will offer incentives for customers to have cards, according to Ed Schaffner, director of enterprise security at IT supplier Unisys – one of the companies likely to bid for part of the Home Office contract…

“The cost of identity fraud is built into the cost of any service,” Schaffner said. “So businesses and banks can say that if you use this card to verify your ID you can have a discount.”

A spokesman for one bank also said identity cards could make it easier to serve disenfranchised sections of society, such as migratory workers and students, who are less likely to have currently accepted forms of identity proof such as utility bills and passports.

Another way the Home Office hopes the cards will deliver significant benefits for businesses and consumers is by enhancing the security of online transactions. The Home Office argues that asking customers for an ID card number and PIN code that can verify identity against a national register would give organisations a more secure means of identifying online users.

It is a technique already used in Belgium, where 2.5 million people currently hold electronic ID cards and government agencies and banks are using information on the cards to authorise online access to their services. Chatrooms have also started to use ID card checks to ensure age limits are enforced.

In future, attaching card readers and fingerprint scanners, such as those already found on some laptops, to PCs could further strengthen security. If the technology proves as secure as the Home Office promises, retailers and banks would be able to authorise far larger online transactions than at present.

Like many observers, Jeremy Beale, head of e-business at the CBI, has concerns about the technical challenges the scheme will face, but he also argues that a working system could bring huge benefits. “ID cards are not so much a disruptive technology as a stabilising one,” he said. “Firms have been saying for years that they want a single secure standard for online identity verification, and if the government manages to deliver it there could be huge benefits for online commerce.”

But Davies added that despite these potential benefits the government has not been doing enough to form a partnership with industry and technology suppliers to develop a workable ID card system, and it is therefore time for business leaders to take a more proactive role. He argued that management of the scheme should be taken from the Home Office and handed to the Treasury and the Department of Trade and Industry (DTI). “Industry has been left high and dry [by the government’s failure to make its plans clear], and the DTI should be able to rebuild trust with industry,” he said.

Alan Rodger of analyst firm Butler Group said there is a growing belief among some identity management experts that the government should leave the scheme to the private sector. “There is a feeling from some that we should let the market sort it out,” he said. “It would allow the problem [of securing individuals’ identities] to be tackled without the need for huge public investment.”

Separately, Davies argued that now some senior civil servants have expressed fears that the project is likely to fail, the government ought to publish all its reports on the feasibility of the scheme. “It is now all about trust,” Davies added. “The government has to restore some faith in the project.”

Simon, who has been a relentless and towering force in the privacy movement, responded to his critics as follows:

It’s important to recognise that context can be lost in any media report. In this case the quotes are accurate, though of course not complete. I’ve made similar remarks to conferences over the past six months, and for good reason. While it would have been nice to have seen the full conversation published, we all know that’s not the way media does its business.

I doubt that anyone who has followed the UK ID card debate, or indeed the debates in other countries, would have any doubt about where I stand on identity. My views are well known, mainly because government has made a point of repeatedly expressing them in public. I don’t resile from anything I’ve ever done or said on the subject.

As for these particular remarks, I will clarify the position.

1. You will know through the recent leaked emails that it is government, rather than Privacy International, that has lost the plot over the ID card. The Home Office is in disarray and Treasury wants it scrapped or severely limited;

2. You’ll also know from the leaked Market Soundings report that industry no longer supports the government’s scheme. I’ve known that for more than a year. Industry wants a manageable project that has a light structure and that carries public trust;

3. Into this context comes the idea that industry wanting to pursue the “right” approach (no compulsion, no central register etc) now have the opportunity to do so. Companies like EDS will always support the government line. Others are moving quickly to establish an alternative position.

4. The idea of the “White Knight Consortium” has been around since mid 2005, when it was first discussed at an industry-wide meeting of the Enterprise Privacy Group. I supported the idea then because it seemed the best way to derail the government approach.

I don’t see any need to defend myself, other than to observe how odd it feels to be hailed one day as the master strategist behind the ill-fortunes of the scheme, and the next to be condemned as a guy who lost the plot.

The “plot” is something I have well and truly in mind, and maybe you just need to reflect a little more on what I’m supporting and why I’m supporting it, rather than lashing out. Strategy and tactics on an issue like this are long term game-plans.

I've met Simon – in fact he's a privacy mentor for me.  It's true he's put a few noses out of joint over the last couple of decades.  No wonder – he was so far ahead of the rest of us in his thinking.  Talk to him for two minutes and you can see that he has worked with these issues for a long time, and understands them in a many-sided way.

Incredibly, in 1994, when people like me didn't yet have a clue we might encounter privacy issues with digital technology, he had already written Touching Big Brother – How biometric technology will fuse flesh and machine.   I don't throw out the word visionary lightly, but read this article and wonder.

Through his work at the London School of Economics he has spent a lot of time talking with cryptographers and computer scientists to understand what can actually be done to replace current systems with ones which really are privacy enhancing. After all, does anyone think the current situation represents a nirvana? Not me – I've seen too many of the existing systems.

It's true that through unlikely initiatives such as the proposed UK Identity Card system, replete with panopticon observation post and massive centralized database, the handling of our personal information and threat to our privacy could actually get worse than it currently is.  But I don't think this type of initiative will succeed – it's like building a sixty-foot man.

So, surely, it is just as possible that we can take advantage of the increased awareness around these issues – and the amazing new technological possibilities that have emerged in the last few years – to allow government and business to become more secure and more privacy enhancing than they currently are.

Given the proper adult supervision by privacy advocates and policy experts, industry could, as Simon says, bring to life alternatives to the Dr. No blueprints that have emerged so far. 

It may still be hard to imagine a national (or international) conversation that includes notions like “directional identity”, but I think it will come.  Governments will inevitably see that the way to best strengthen their own security is to build strong social consensus by protecting the privacy of citizens at the same time they look after the interests of the state.

As always, the key here is “User Control and Consent”.  Citizens have to want to use the system.  Close behind are “Minimal Disclosure” and “Directed Identifiers” and all the other Laws of Identity.  Any successful ID card will have to be more attractive than the status quo – proving it is a step forward, not backward, and winning support.

   

Yeah, I'm a 27 year old single guy, but should I tell my wife?

Intel's Conor Cahill points out the problems with the “verification chains” being used by some of the emerging commercial identity verification services: 

In “How old are you, are you single?”, my friend, Kim Cameron, quotes an article in the post-gazette.com Business News talking about identity verification services. The article describes the process as:

The Verification Chain

How new identity-verification services work.

  • Users sign up for a new account on a classified, social-networking or dating site and are prompted to click through to the site of an identity verifier.
  • Verification service prompts users to create profiles with details such as their age, address, and occupation.
  • Verification services — or a separate company — electronically check data in public-record databases to verify assertions.

At first glance, this verification service looks like a good step forward. However, if you look closely, the process appears to mimic the same procedures that provide the foundation for much of the identity theft that exists to date — that being the fact that all I need to do to steal your identity is know a few key pieces of information (which will verify correctly).

I would hope that they start to add stronger verification that the person who “knows” this stuff is actually the person whose data is being verified. Things like what PayPal does for bank account verification (deposit two small sums in your account and require you to input the actual deposit values to prove you have access to the account).

We really need to move away from knowledge of basic facts as a verification of identity, especially when many of those facts are published in one form or another.

PayPal's approach is one of the best ways to prove that you have control of a particular bank account.

But it doesn't say much about how old you are – or whether you are single.  So it's not a silver bullet in the wider scheme of things.

Too bad, because I couldn't agree more that knowing things about me doesn't prove you are me.
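The difference Conor describes between knowing facts and proving control can be put in code. This is an added example, not code from the original post or from PayPal: it sets a knowledge-based check beside a micro-deposit challenge. The class and function names, the 1 to 99 cent range, the three-attempt limit and the sample record are all assumptions made for the illustration.

```python
import hmac
import secrets

MAX_ATTEMPTS = 3  # assumed policy, not stated on the page


def knowledge_check(record_on_file, claimed_facts):
    """Knowledge-based verification: passes for anyone who can recite the facts."""
    return all(record_on_file.get(k) == v for k, v in claimed_facts.items())


class MicroDepositChallenge:
    """Proof of control: two random deposits that appear only on the statement."""

    def __init__(self, account_id):
        self.account_id = account_id
        self.attempts_left = MAX_ATTEMPTS
        self.verified = False
        self._expected = None

    @staticmethod
    def _encode(first_cents, second_cents):
        # Order-insensitive canonical form, so "12 and 47" equals "47 and 12".
        low, high = sorted((int(first_cents), int(second_cents)))
        return f"{low:03d}:{high:03d}".encode()

    def issue(self):
        """Choose two amounts (1..99 cents) with a CSPRNG.

        The return value stands for the deposits sent through the payment
        system; the account holder reads them from the bank statement,
        never from this service.
        """
        amounts = (secrets.randbelow(99) + 1, secrets.randbelow(99) + 1)
        self._expected = self._encode(*amounts)
        self.attempts_left = MAX_ATTEMPTS
        self.verified = False
        return amounts

    def confirm(self, first_cents, second_cents):
        """Check a claimed pair; burn the challenge after MAX_ATTEMPTS misses."""
        if self.verified:
            return True
        if self._expected is None or self.attempts_left <= 0:
            return False
        try:
            candidate = self._encode(first_cents, second_cents)
        except (TypeError, ValueError):
            candidate = b""  # malformed input counts as a miss
        # Constant-time comparison avoids leaking how much of a guess matched.
        if hmac.compare_digest(candidate, self._expected):
            self.verified = True
            return True
        self.attempts_left -= 1
        if self.attempts_left == 0:
            self._expected = None  # locked: a fresh challenge must be issued
        return False


def demo():
    # Constructed sample record: facts of the kind found in public databases.
    record = {"name": "Alice Example", "dob": "1979-01-01", "postcode": "AB1 2CD"}
    scraped = dict(record)  # an impostor who looked the same facts up

    # The impostor passes the knowledge check without being Alice.
    impostor_passes_knowledge = knowledge_check(record, scraped)

    # The impostor cannot see the statement. The constructed guesses (100, 100)
    # lie outside the issued range, which keeps this demo deterministic.
    challenge = MicroDepositChallenge("acct-constructed-001")
    deposits = challenge.issue()
    impostor_guesses = [challenge.confirm(100, 100) for _ in range(MAX_ATTEMPTS)]
    correct_after_lockout = challenge.confirm(*deposits)

    # The real holder reads both amounts off the statement, in either order.
    holder_challenge = MicroDepositChallenge("acct-constructed-001")
    first, second = holder_challenge.issue()
    holder_verified = holder_challenge.confirm(second, first)

    return {
        "impostor_passes_knowledge": impostor_passes_knowledge,
        "impostor_guesses": impostor_guesses,
        "correct_after_lockout": correct_after_lockout,
        "holder_verified": holder_verified,
    }


if __name__ == "__main__":
    print(demo())
```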

Isn't it amazing how many times we are required to tell people far too much about ourselves? 

I've been asked so many times for the name of my first pet that I've had to make one up.  My first pet was a turtle, and as far as I can remember, his short life didn't involve a name – we were both too young.  Yet I have to use this silly name to avoid giving people my mother's date of birth.

Once you've revealed all, the party you've given it to can reveal all too.  If there's a one in one thousand chance that someone will sell or misuse that information, when you have given it to one thousand people the probability of misuse has reached one.

Right now we give all our identifying information to every Tom, Dick and Harry, each of whom remember who we are by storing it – probably unsafely. 

What if we just gave it to Tom, or a couple of Toms, and the Toms then vouched for who we are?  We would “register” with the Toms, and the Toms would make claims about us.  Then the chances of having our identity stolen would drop, in the example above, from certainty, to one or two in a thousand.  Not perfect, but hey, I'll take it.

If Tom stands behind our identity for a number of years, he can become progressively more certain about our behavior, if not our childhood.

So I'm hoping that in the description given above of how a verification service operates, once you have registered with a service, it stands behind assertions about you, so you no longer need to release identifying information.

Anyone understand the MySpace “salute”?

Following our recent conversation on finding the time to blog, Ted Howard pointed me to this fascinating page from MySpace.com:

In order to verify your identity, please send us a “salute”. This means we will need an image of yourself holding a handwritten sign with the word “MySpace.com” and your Friend ID (your Friend ID number appears immediately after “friendID=” in the web address/URL when viewing your profile). We can then remove the profile that uses your identity without your permission.

Please be sure to include the web address/URL to the profile in question when you send your salute.

If you do not have a profile on MySpace please write in the email address that you are emailing us from instead of your Friend ID.

If the profile is an extremely obvious attempt to be cruel/false, you may not need to send a salute. Sending a salute will definitely help expedite things, though! If you are a teacher/faculty member at a school, please click on this link.

That's so bizarre.  I'm missing something here.  I asked Ted if he had any idea how this works:

I think the MySpace “salute” is just a photo of yourself holding a piece of paper that has your login name on it. Apparently, they consider this to be physical proof of identity – they have physical proof that a given face is linked to a given login name. Now, I don’t understand how this helps anything, which is why I find it interesting.

What stops me from saying that your MySpace account that claims you are “Kim Cameron” is a fake and then sending a picture of me holding a piece of paper with my account name that claims I am “Kim Cameron”?

Crap! I’m on your technical advisory team I guess. Are the benefits good?

Welcome to the team, Ted.  Someone will get back to you on the benefits question.

The truth is that Ted is one of those very lucky guys who gets to program video games.  I sure would like to see him blogging about what that's like.

How old are you? Are you single?

From post-gazette.com Business News, here is a nice article by Jessica E. Vascellaro of The Wall Street Journal on identity-proofing.  It's amazing how well she understands the emerging options:

Rob Barbour has found a new way of enhancing his reputation online: showcasing his newly verified identity. When he put up an eBay Inc. listing a few weeks ago, the Ashburn, Va., technology consultant embedded a link to his new online profile on verification service Trufina Inc.

He soon will paste the link in his emails and on a Web site where he sells software and offers programming advice. “I needed a tool that will prove to somebody that this is who I am,” says Mr. Barbour, 39 years old.

Proving who you are is increasingly important on the Web, amid growing concern that pervasive Internet fraud is making it difficult to know whom to trust. In response, companies are developing a slew of new tools to help people confirm their identities. The new services allow consumers to create and share verified personal profiles with people they meet or do business with online.

In recent weeks, many of these services have announced new partnerships with popular social-networking, shopping and dating sites, which face particular pressure to keep out cyber crooks. Trufina, which has recently joined up with dating sites like HonestyFirst.com and Loveaccess.com, relaunched last week with a wider menu of verification tools. Opinity Inc., a new profile-sharing service that verifies a user's age, hometown and, in coming weeks, education and employment history, has recently announced partnerships with social-networking sites like GoingOn.com, classified site Edgeio.com and technology-news site CNET.com. IDology Inc., which performs age and identity checks on customers for high-end online merchants, will this week announce a deal with Zoey's Room, a networking site for girls, marking the first time its age and identity-verification technology will be part of a social-networking site.

Whether they're shopping, chatting, doing business or looking for dates, consumers are increasingly on edge about online safety. In 2005, 59 percent of Americans “completely or strongly” agreed that Internet-based financial transactions were secure, down from 70 percent in 2003 according to Informa Research Services. A recent report from the Pew Internet & American Life Project found that 66 percent of Internet users believe online dating is dangerous because it puts personal information online.

Concerns about the safety of minors, in particular, have exposed the need for more effective ways to confirm a person's identity than a user name and a password. Social-networking sites attempt to protect their members by imposing minimum age restrictions but can't easily enforce them. News Corp.’s MySpace.com, which requires members to be at least 14 years old, told Congress in June that it is looking at age-verification technology but hasn't yet found any effective options.

Proposed solutions for protecting children from online predators are controversial. Last week the House of Representatives passed a bill that bans social-networking sites and chat rooms from schools and libraries that receive certain federal funding. The bill, which has been criticized as too broad and blunt by some online-privacy groups, has been referred to a Senate committee.

A growing number of businesses, too, are using online verification services to check out their customers. Wine company Kendall-Jackson uses IDology's age-verification technology to confirm that new customers on two of its e-commerce sites are at least 21 years old, and it plans to implement more-comprehensive identity verification soon to help combat credit-card fraud. Ice.com, an online jeweler, uses IDology's tools to authenticate buyers whom it flags as high-risk, which include those with particularly high transaction volumes or mismatched addresses.

Microsoft Corp. is addressing online-safety concerns by constructing its own identity technology from scratch. The technology, called Windows CardSpace, is in a very early stage but will be built into its upcoming Windows Vista operating system. CardSpace allows users to log into Web sites by clicking on different digital credentials, or information cards. Users could create their own information cards or they could get the credentials issued to them by a trusted party, like a bank. (Microsoft doesn't host or store the identity information; it just provides the technology for its transfer.) CardSpace is meant to be more secure and useful than passwords because information cards can hold more information, like an address or a credit-card number, and can be backed by a third party.

International Business Machines Corp., Novell Inc. and various other academics and vendors are working together on a similar project. Their technology, dubbed “Project Higgins,” would be open-source.

But radically new tools like these won't be rolled out widely before next year. In the meantime, current services tend to focus on creating a trusted profile that can be used across sites or shared. The services, which collaborate with background-checking companies of the sort corporations use to research future hires, often check attributes like age, address, gender, education, employment and whether a person has a criminal record. Most services provide a basic verification of name, email, and sometimes address free of charge. Anything more can cost up to around $15 a year. The information is typically checked against credit-bureau records and other publicly available data, like property listings and databases of known criminals and sex offenders.

To sign up, users enter their personal data and are sometimes asked to answer a series of tricky multiple-choice questions no one else will likely be able to answer, such as the size of their last mortgage payment. Some details are confirmed automatically; others take time. On Trufina, a basic verification takes two to three minutes, with a background check usually taking less than 10 minutes, says Christian Madsen, chief executive of the College Park, Md., company.

Users can sign up through the services’ own home pages or through a partner site, where some of the costs are absorbed into other membership fees. Loveaccess.com, an online-dating site with two million members, charges customers $145 for a year of its premium service, which requires a Trufina background check.

Currently, the services aren't in widespread use. Indeed, some consumers complain that their verified profiles aren't yet particularly helpful. Max Markidan, a 26-year-old management consultant in Arlington, Va., says he doesn't find it useful for professional networking because few users beyond dating sites appear to have adopted it. “I am married, so I can't really use Trufina at this point,” he says.

The companies’ partnerships with popular sites will make or break their adoption, analysts say, by providing them with necessary revenue and more users.

While many of the services aim to assuage privacy concerns, they may run up against them, too. Briana Doyle, a 24-year-old from New Westminster, British Columbia, joined Opinity last month hoping it would help her aggregate personal information about herself she wished to share with other people online. But she stopped short at divulging details like her address, verifying instead her user names on other Web services like Yahoo's photo-sharing site Flickr, which the service also verifies. “I didn't see any reason to put my address front and center,” says the Web editor.

The companies stress that they don't store personal information about their users. But consumers may still shrink from a service they think knows too much about them. “The minute you aggregate identity information you aggregate risk,” says Jamie Lewis, the chief executive of the Burton Group, a Salt Lake City research firm. With hackers out looking for financial information, “you create a target,” he says.

The Verification Chain

How new identity-verification services work.

  • Users sign up for a new account on a classified, social-networking or dating site and are prompted to click through to the site of an identity verifier.
  • Verification service prompts users to create profiles with details such as their age, address, and occupation.
  • Verification services — or a separate company — electronically check data in public-record databases to verify assertions.

Once it supports Information Cards, a company like Opinity might offer a card that would assert an age or marital status and yet ensure no personally identifying information is communicated.  The most important aspect of this is that users won't need to reveal secret or identifying information to anyone but the Identity Provider (Opinity for example).
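The minimal-disclosure flow described above, sketched as an added example (not code from the original post, CardSpace or Opinity): the identity provider keeps the verified record and issues only a signed yes/no age claim with a per-site pseudonym, which the relying party checks. HMAC with a demo key stands in for the provider's public-key signature, and every name, key, claim field and record here is a constructed assumption.

```python
import base64, hashlib, hmac, json
from datetime import date

# Constructed demo keys. HMAC stands in for the identity provider's
# public-key signature; a real relying party would hold only a public key.
SIGNING_KEY = b"constructed-signing-key"
PAIRWISE_KEY = b"constructed-pairwise-key"

# Constructed record the provider verified at sign-up; it never leaves the provider.
RECORD = {"name": "Alice Example", "birth_date": date(1980, 5, 17),
          "address": "1 Constructed Way"}

def _sign(body: bytes) -> bytes:
    return base64.urlsafe_b64encode(hmac.new(SIGNING_KEY, body, hashlib.sha256).digest())

def issue_age_claim(record, min_age, audience, today, ttl_days=1):
    """Identity provider: derive a yes/no answer and disclose nothing else."""
    born = record["birth_date"]
    age = today.year - born.year - ((today.month, today.day) < (born.month, born.day))
    # Pairwise subject: a different opaque value per relying party, so two
    # sites cannot correlate one user by comparing identifiers.
    subject = hmac.new(PAIRWISE_KEY, f"{audience}|{record['name']}".encode(),
                       hashlib.sha256).hexdigest()[:16]
    claims = {"sub": subject, "aud": audience, "age_over": min_age,
              "value": age >= min_age, "exp": today.toordinal() + ttl_days}
    body = json.dumps(claims, sort_keys=True).encode()
    return base64.urlsafe_b64encode(body).decode() + "." + _sign(body).decode()

def disclosed_claims(token):
    """Everything the relying party receives (unverified view)."""
    return json.loads(base64.urlsafe_b64decode(token.split(".")[0]))

def verify_age_claim(token, audience, min_age, today):
    """Relying party: accept only an authentic, unexpired claim addressed to it."""
    try:
        body_b64, sig = token.split(".")
        body = base64.urlsafe_b64decode(body_b64)
        sig_bytes = sig.encode("ascii")
    except ValueError:  # wrong shape, bad base64 or non-ASCII signature
        return False
    if not hmac.compare_digest(sig_bytes, _sign(body)):
        return False
    claims = json.loads(body)
    return (claims["aud"] == audience and claims["age_over"] == min_age
            and claims["exp"] >= today.toordinal() and claims["value"] is True)
```

The audience and expiry checks are what keep a claim issued for one site from being replayed at another or reused indefinitely.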

Kim Cameron too prolific a blogger?

Ted Howard, who also works at Microsoft, wrote about me recently – I'm tucked in between posts on how much he hates Southwest Airlines, how much he hates Spokane, and how much he hates presidential signing statements.  I hope there's no pattern here.

Kim Cameron is way, way too prolific of a blogger. I don't see how he can possibly find the time to read all the blogs he reads, write all the posts he posts, and still do his job as an architect.

I wonder if he just has a technology assistance team like BillG that is posting to his blog. Maybe if I had confidence about the identity of the real-world entity publishing entries on his blog, then I would know.

If you want to be overloaded with highbrow thoughts and debates on identity, head over to Kim's blog.

That's pretty funny.  Truth is, I have a bunch of friends who send me links to posts I should read, and I make time to read them.  When I've finished, I have a pretty good handle on what's happening.   

So my “technology assistance team” comes from across the industry, which has really expanded my thinking. 

But I'd prefer to call them a blogging community.  And I try to channel this back to this community.

I'd put Ted's question about how I find time to blog and do my job as an architect somewhat differently than he does.  There are all kinds of architects, who contribute in all kinds of ways.  But to me the most important thing an architect can do is see very clearly what needs to be built.  It's not that hard to come up with an idea that could be built.  But I'm talking about something different:  what needs to be built depends on understanding the objective factors that allow you to tap into some kind of historical inevitability.  That's a high bar, but when you are talking about hundreds or thousands of person years, you need a high bar.

I don't think you reach this bar by cutting yourself off and meditating – as healthy as meditation may be.  Nor do I think you do it by working on technical minutiae from morning to night – even if I might find that more relaxing.

You have to “get out” and see what's happening.  You have to put your ear to the ground.  You have to feel the pulse of the world. 

For me the blogosphere is “essence of pulse”.  It makes me question everything.  What I've done right;  what I've done wrong.  What I've just assumed was true, or assumed that others thought. 

If you look at CardSpace and Information Cards, my work on the laws of identity was effectively architectural work on the principles of the design, even though it was done in the blogosphere.

Identity represents a central problem of computer science – a complex problem which doesn't have a simple “algorithmic” solution.  To understand it deeply, you need to understand every side of it.  You need to “integrate the tangents”.  What better way than to share your thinking widely and have others help you figure out what is wrong and missing – both from your theory and your presentation?

So there you go – more highbrow thoughts, I fear.  Of course, let me point out one more time that I'm happy for this blog to be “the hair on the end of the long tail”.  I couldn't help thinking it was a clerical error when CNET named it one of the top 100 technology blogs.  Identityblog is super specialized.  So one man's highbrow might be another's Iggy Pop.  To me they're the same thing, and furthermore, I don't really care.  I just do my thing.

Bob Blakley joins the Burton Group

News from Ceci n'est pas un Bob (Bob Blakley): 

As of today, I've moved from IBM to The Burton Group, where my job title will be Principal Analyst. I'll be working on Identity, Privacy, Security, and Risk Management. The views expressed here are still mine, and don't necessarily reflect the positions or opinions of either employer.

Bob was a great spokesperson for IBM, wasn't he?  He's such a thoughtful person. 

I wish him the best of luck in his new role.