By
davebirch posted Jan 31 2007 at 7:56 AM
[Dave Birch] Bankwatch reminded me to finish this post. Some research in the US has confirmed the anecdotal evidence that young persons who forget their MySpace password are just as likely to make a new account as fret over their lost friends or painstakingly constructed homepage decorations. The research, by Danah Boyd, indicates that this behaviour is representative of a more general attitude, that ‘many teens are content (if not happy) to start over with most of their accounts in most places’, and she has noted that for young people an online profile is ‘not seen as something to build an extensive identity around, but something to use to talk to friends in the moment’. As Bill Thompson pointed out, maybe it's another age-related disconnect. I don't go as far as Bill in having the same login name for every service I sign up for, but I do select from a very small set of lgin names (work-me, home-me, nice-blog-me, nasty-blog-me and so forth) but perhaps kids are simply extending the natural teenage experimentation with identity into the virtual world.
Technorati Tags: identity
Continue reading "Age vs. identities" »
By
davebirch posted Jan 30 2007 at 6:15 PM
[Dave Birch] There has been a change in the law in the U.K. so that ID fraud is now a crime. Hurrah! Now the the act of ID fraud will be classed as a criminal offence even if a victim does not report a crime. So, if you log on to a computer system using someone else's smart card and PIN (for example) then it's a crime.
Technorati Tags: health, identity, puppy
Continue reading "ID fraud is now actually a crime" »
By
davebirch posted Jan 23 2007 at 8:55 AM
[Dave Birch] There's been obvious interest in PayPal's decision to move to hardware-based 2FA and issue Verisign authentication devices to account holders. The hardware tokens are in the form of keyfobs that display an ever-changing (well, every 30 seconds) one-time password in the form of six digit number. It will cost US$5 for personal PayPal accounts, but will be free for business customers. The driver for 2FA is clear: research released by IT security firm Sophos in August 2006 found that over 75% of all phishing e-mails target users of PayPal or its parent company eBay. PayPal spokeswoman Sara Bettencourt told reporters the new device will provide customers with "another layer of protection" so if a fraudulent party got hold of a person's username and password, they still wouldn't be able to get into the PayPal account. This is all good, but one must remember that if a newspaper reports "the device is designed to protect customers against fraudulent phishing scams", customers might well here "the device prevents phishing" which (as Digital Identity denizens are well aware) is simply not true. Token-based 2FA does not prevent man-in-the-middle attacks.
Technorati Tags: business, identity
Continue reading "PayPal's pal" »
By
davebirch posted Jan 23 2007 at 8:19 AM
[Dave Birch] The future trends consultancy Faith Popcorn's BrainReserve has predicted the formation of a whole new type of consumer identity over the next few years: the 'New Networked Self', based on technological advances that connect people in an unlimited, yet potentially intimate, way. As a result of technologies such as internet-based social networks and consumer generated content, the company believes that consumers are increasingly turning away from the ego-driven self-aggrandizement that characterised the old era of hyper-consumption. Instead, the New Networked Self is far more ecologically aware than its predecessor, with the consumer seeing himself or herself as a tiny-but-instrumental part of a much larger picture that's constantly changing. Personally, I think that the digital identity world should be listening to people from the brand world, because brand is one of the key missing ingredients in the digital identity mix.
Technorati Tags: identity
Continue reading "Immortal customers" »
By
davebirch posted Jan 17 2007 at 5:21 PM
[Dave Birch] More developments in the digital identity laboratory that is the interface between the real and virtual worlds in the Far East. The Chinese authorities are concerned that Internet users there are are accessing online games and web sites with fake identity card numbers to preserve their anonymity. This is because some games and web sites need a name and identity card number when registering new users. The result has been that Chinese gamers can download software that can generate fake identity card numbers given fake names and addresses. The software can even forge the identities of residents in Hong Kong, Taiwan and Korea, so that Chinese gamers can get on to servers in those countries.
Technorati Tags: games, identity, internet
Continue reading "Meaningful and unique" »
By
davebirch posted Jan 13 2007 at 9:41 AM
[Dave Birch] What with OpenID appearing to gain momentum as a simple, distributed, good-enough single sign-on for the Internet, I thought it would see how long it takes to set up an openid and successfully log in to a site with it. Answer: 5 minutes. Here's how...
Technorati Tags: authentication, identity, internet
Continue reading "Opening up" »
By
davebirch posted Jan 11 2007 at 8:48 AM
[Dave Birch] Ben Laurie has previously pointed out that identity management systems are not the only way you are identified and tracked. And this is a problem, because if society chooses a particular kind of identity management system -- perhaps one which responds to European sensibilities around privacy and data protection -- but has to deliver it on top of a surveillance infrastructure, then society's choices are subverted. In other words, there must be a substrate of anonymity to make higher level choices about pseduonymity or conditional anonymity valid. So, as Ben puts it, the choices we make for identity management don’t control what information is gathered about us unless we are completely anonymous apart from what we choose to reveal. But is this a realistic architecture for the real world?
Technorati Tags: identity, internet, privacy, pseduonymity
Continue reading "Anonymity as substrate" »
By
davebirch posted Jan 5 2007 at 1:04 PM
[Dave Birch] The Enterprise Privacy Group is a membership organisation that is going to develop codes of practice for the handling of personal information. This chat with the head of EPG, Toby Stephens, covers some background to EPG and discusses their first code of practice for RFID..
Technorati Tags: identity, privacy, RFID
Continue reading "Toby Stevens, EPG" »
By
davebirch posted Jan 5 2007 at 10:00 AM
[Dave Birch] In a recent meeting, a client remarked that their customer had expressed an interest in purchasing an identity management solution but had been quite unable to articulate what an identity management solution might do, or even what problem it might fix. This reminded me that a while ago Digital ID World pointed me to an article by Paul Murphy noting out that one of the basic issues with identity management is the interpretation of the words used (mainly "identity" and "management"). What an excellent precis of the current situation.
Technorati Tags: identity, management
Continue reading "Get me some of that identity management!" »
By
davebirch posted Jan 4 2007 at 4:44 PM
[Dave Birch] Are the general public sufficiently worried about online identity fraud to do something about it? It wasn't that long ago that we were being told that they feared "cybercrime" more than muggings or burglary, which seemed astonishing to me. A UK government-backed "Get Safe Online" study found that 21 per cent of respondents feared online attacks but only 16 per cent were concerned about being burgled. The survey further claimed that is so much concern about internet crime that one in six people are deterred from using the Internet completely, a quarter won't bank online and almost a fifth won't shop online. Who are these people? Why don't they just use credit cards?
Technorati Tags: authentication, internet, security
Continue reading "Who will save the Internet!" »