About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

« January 2010 | Main | March 2010 »

4 posts from February 2010

Moving to Privacy 3.0

By Dave Birch posted Feb 25 2010 at 8:52 PM

[Dave Birch] A typically excellent piece from Jan Chipchase that I've continued to think about again and again since reading it. Commenting on the Facebook privacy stories that have were around recently, he asked whether the Facebook privacy "moment" is:

their Microsoft Moment, that point where the internal perception of themselves starts to significantly, negatively diverge from the public perception? Or will we look back on it as more akin to the iMac Floppy Moment where Apple launched said computer without, gasp, a floppy drive.

[From History's New Gatekeepers - Jan Chipchase - Future Perfect]

The idea that Facebook is the crucible in which new notions of identity and privacy are being forged is, I think, true to some extent. First of all, let's remind ourselves where the fuss started.

To make privacy simpler, Facebook's controls will be changed to permit sharing with three groups: "only friends," "friends of friends," or "everyone."

[From How Facebook's New Privacy Changes Will Affect You - NYTimes.com]

Never mind whether you think these changes were good or bad, the point I want to raise is that they shape young persons very ideas of privacy. In a funny way, for the coming cyber cohort, Facebook's privacy settings are privacy. We struggle with notions of privacy because our brains still think in terms of index cards, databases and junk mail but my eldest son's generation (Generation Whatever) do not: their notions of privacy are founded in social networking. They have no problem using "unfriend" as a verb.

But what are they doing? They may have taken on board the facebookisation of identity, but I'm not convinced they understand the googleisation. I can see that replacing old ideas about identity with an identity model that is based on relationships makes sense and is a good basis for developing the necessary paradigm, but the idea of identity as digital footprint, defining a persona as the sum total of all of the data about them, doesn't seem right. The issue may be something about control, as the future privacy paradigm will rest on a more active version of privacy than the simple ability to be left alone.

Continue reading "Moving to Privacy 3.0" »

“Location-based” login protection

By Dave Petch posted Feb 19 2010 at 11:03 PM

[Dave Petch] It’s not often the case that eBay users find cause to congratulate the internet giant, in fact quite the opposite is usually the case.  Whether it’s seller rebellion against fee hikes, anger at seller policy changes, lawsuits against the selling of counterfeit goods or password vulnerabilities in the developer program, eBay are never far away from controversy of some kind.

So I was therefore pleasantly surprised to discover that eBay (in the UK at least) have implemented location-based login checks, something which would surely assist in the ongoing fight against phishing attacks were it implemented more widely at other online merchants / communities. It was also another great but simple example of the utility of the mobile phone as an authentication channel.

I discovered this through the somewhat suspect process of using my friend’s eBay login details to help him sort out an item listing issue that he had.  He’s one of those illiterate computer users who doesn’t know one end of the web from the other, so he didn’t hesitate in telling me his login and password over the phone.

My friend lives 20 miles away from me.  When I tried to log in using his valid credentials, eBay took me to a page stating it had been noticed I was logging in from a “location” that was not my usual one.  I presume this was detected using my IP address, although whether it was able to trace me to a spot in Guildford or just to the location of my ISP is not clear (a whois of my IP address at home tells me that I live in Hull, East Yorkshire, which is at least 230 miles from my house but unsurprisingly not very far from my ISP).  However, for the security mechanism in question, this was more than enough information for eBay to detect the disparity from my friend’s usual network access data.

I was then asked if I wished to be authenticated using either a phone call (instant) or an email (short delay).  I selected authentication by phone call (it uses the existing registered number and does not allow you to enter a different one), my friend’s mobile rang almost instantly, after which an electronic voice announced, “Hello, this is eBay, are you expecting this call? If so, press #”.   My friend pressed # and an access code was read out to him.  He reported the code to me, I entered it at the website and in I went.

The specifics of the situation were obviously beyond that for which the protection mechanism was strictly designed, but the process worked very smoothly and was close to real time, it presented the user with alternative options for added convenience and, above all, it was simple.  Sure, it slowed me down for a minute, but my initial thought was that such a simple mechanism would surely assist in the fight against the use of phished credentials.  If you cannot stop the consumer from continuing to fall for what is fast becoming one of the oldest tricks in the book, then stopping the use of those captured credentials using simple location checking seems to be a worthwhile next step, at least until such time that the highly flawed method of user authentication that we call “passwords” is replaced by something better.

There was a flaw in the process, however.  Having completed my login to the website using my friend’s credentials, I then asked him to log in at the same time so that he could see the effect of the changes I was making to his item listing.  eBay allowed him straight in, although it should have been clear at this point that it was not possible for him to be in two different locations at the same time, at least not without considerable mind power.

Panic buying

By Dave Birch posted Feb 16 2010 at 9:00 AM

[Dave Birch] For reasons that are uninteresting to discuss, I happened to be involved in a meeting about the UK ID card scheme. Now, to be clear, I am not against ID cards, but I am against this one. I don't want it scrapped on economic grounds, I want it scrapped because it is the wrong card for the 21st century in a supposedly advanced country.

For those concerned about the implications ID cards would have on our privacy, abandoning the scheme for budgetary reasons alone is not so much winning the argument as putting it on ice.

[From ID cards: there’s more than money to lose | spiked]

One part of the conversation was what might be salvaged from the scheme given the £100 million or so that has been spent on management consultants and the contracts that have already been signed with suppliers. The assumption was, as it was put to me, that since suppliers are much smarter than the government, these contracts would cost a fortune to cancel.

Home secretary Jacqui Smith has revealed that scrapping ID cards would cost £40m in compensation for suppliers. The Tories, who have promised to stop the initiative should they win the next general election, have attacked Smith for engineering a “poison pill” defence of the government's ID card proposals.

[From Scrapping ID cards would cost £40m - 24 Mar 2009 - Computing]

So given the initial conditions, instead of just wishing away the rather pointless internal passport that has been created at vast expense, is there something else we could do with the systems in place? Let's not panic and scrap it, wasting even more public money.

Continue reading "Panic buying" »

Meg was absolutely right

By Dave Birch posted Feb 4 2010 at 5:07 PM

[Dave Birch] Some time back, the Minister for ID Cards Meg Hillier received some criticism for saying that the new ID card was just like a passport, but for use inside the country. In fact, I don't think it would really be considered a breach of confidence to report that I once sat next to Meg at an event of some description, and she told me that she thought it had been an unfortunate turn of phrase.

Hillier is relatively new to the ID card brief at the Home Office, and has come up with several improbable and/or unfortunate claims in recent months (e.g., "we should see an identity card, like a passport, in country")

[From Transcript disappears minister's 'hack-proof' ID register claim • The Register]

But actually, she was completely correct in saying this. In the UK, the ID card scheme was (for political, not engineering, reasons) given to the Passport Service. They produced an ID card that was -- guess what -- a passport. The UK ID cards that have been issued so far implement nothing other than the ICAO standard for e-passports with Extended Access Control (EAC). I'm not knocking the Passport Service. If the ID card had been given to the DVLA then it would have ended up looking like a driving licence and if it had been given to the DfT then it would have ended up with an ITSO shell on it. My point is not to criticise the implementation decisions made by the Home Office and their ID Development Partner, PA Consulting, but to call for a different debate about identity and a greater vision for national identity management for the future.

I'll illustrate what i mean with one small example. The ID cards issued in the UK have a contact plate on them, but it is only for show, since there are no services accessible through the contact interface (for the technical, there is no Answer-to-Reset, or ATR). The cards implement the ICAO standard for e-passports and nothing more. The lovely gold square is a Potemkin Plate, only there to impress politicians. Meanwhile, in Germany, they are designing a card that implements online pseudonyms to support e-commerce and other such 21st-century functionality.

The Interior Ministry has confirmed that the introduction of the multi-function card will go ahead as planned on November 1, 2010.

[From Germany set to introduce smart ID Cards in 2010 | Science & Technology | Deutsche Welle | 15.12.2009]

Why are the Germans able to introduce a national ID card that does something useful, while we are not? Are we stupider than the Germans? I don't believe that. We have worse programmers? Doubt it. It's a mystery. Of course, it might be that their system is designed by engineers to meet a clear specification, whereas no-one really knows what ours is supposed to be for, but who knows.

Continue reading "Meg was absolutely right" »