About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« Two fingers to two factor | Main | Get me some of that identity management! »

Who will save the Internet!

By davebirch posted Jan 4 2007 at 4:44 PM

[Dave Birch] Are the general public sufficiently worried about online identity fraud to do something about it?  It wasn't that long ago that we were being told that they feared "cybercrime" more than muggings or burglary, which seemed astonishing to me.  A UK government-backed "Get Safe Online" study found that 21 per cent of respondents feared online attacks but only 16 per cent were concerned about being burgled.  The survey further claimed that is so much concern about internet crime that one in six people are deterred from using the Internet completely,  a quarter won't bank online and almost a fifth won't shop online.  Who are these people?  Why don't they just use credit cards?

Technorati Tags: , ,

If these results are true, then one might imagine that the offices of smart card companies would be besieged by banks and merchants.  Indeed, earlier this year the analysts Frost & Sullivan forecast that the authentication of consumers on the Internet will be the next large growth area for chip cards.  But some people (eg, me and Bill Gates)  have been thinking this for a long time and nothing has happened.

Now, I've always thought that pushing security off the end of the Internet and into smart cards is the best way forward for all parties.  The cost of securing PCs is prohibitive and the only way to do it properly and economically is the addition of tamper-resistant hardware.  This was recognised some time ago -- remember Microsoft's Palladium vision -- and remains completely sensible (if implemented properly).  But why the tamper-resistant hardware should be in the PC as opposed to in your wallet or (more likely) in your phone I don't understand.  It would be nice to walk up to any old PC and by waving your phone over it make it (securely) yours.  NFC makes this feasible, by the way, and it may yet transpire that authentication for the Internet becomes a major driver for NFC deployment.

In the meantime, USB or secure memory looks most promising with OATH-compliant flash drives hitting the street.  But as they roll out into offices and homes, the issues of brand, trust and the like come into focus as the technology problem fades away.


The comments to this entry are closed.