About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion





  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.


6 posts from June 2010

Head in the clouds

By Dave Birch posted Jun 21 2010 at 12:17 PM

[Dave Birch] At the recent European e-Identity Management Conference, Kim Cameron from Microsoft pointed out a few privacy and security concerns that relate to the cloud. This is important stuff, obviously. For one thing, the cloud is the new black. Remember this from a year ago?

All government departments are to be encouraged to procure new IT services based on a cloud computing model.

[From UK government CIO wants to build a "government app store" - 19 Jun 2009 - Computing]

This never meant that they actually would, or indeed, should have used the cloud for anything. I'm not sure if I'd want my medical records on Google Docs, one phished password away from universal access. Indeed, the idea of a special cloud for e-government wasn't far behind:

Establishing a Government Cloud or 'G-Cloud'. The government cloud infrastructure will enable public sector bodies to select and host ICT services from one secure shared network. Multiple services will be available from multiple suppliers on the network making it quicker and cheaper to switch suppliers and ensure systems are best suited to need.

[From News : NDS ]

Hold on. Suppose the cloud goes wrong, as one might imagine that a government IT cloud would have a propensity to do, what then?

In our opinion cloud computing, as currently described, is not that far off from the sort of thinking that drove the economic downturn. In effect both situations sound the same… we allowed radical experiments to be performed by gigantic, non-redundant entities.

[From MAYA Design: The Wrong Cloud?]

Hhhmmm. So this means that if the government cloud goes down, or more likely that the gateway goes down, then there are no government services. Surely the solution is to have lots of clouds, not one, so that citizens can use any of the clouds to connect to any of the services: it shouldn't matter whether citizens want to sign on in person, at a kiosk, using the phone, through the set-top box or on a PC. All of these channels should federate their identity through to the government for access.


Who benefits from a national ID scheme?

By Dave Birch posted Jun 15 2010 at 1:10 PM

[Dave Birch] Writing in the June 2010 edition of the US magazine "Liberty" (which is a libertarian journal), Wendy McElroy made a couple of observations that resonate. She says

I am not against ID in general: it serves valuable functions.

She then goes on to distinguish between identification and certification, a distinction that is missing from many ID card-related visions. She then makes a crucial point, one that I endorse wholeheartedly.

The valid functions of ID have a common characteristic: they provide advantages to the individual who holds the ID.

Indeed, a central reason for the tragic trajectory of the UK ID card scheme was precisely that it did not. She then makes another assertion:

Who benefits from national IDs? The state, not the individual.

I'm afraid I have to disagree with Wendy on this one. Individuals can benefit from national IDs, if they are assembled in the correct way (ie, my way) and I have no objection to the state benefiting from them too (apart from anything else, I pay for it) provided that that precondition is met. But suppose a national ID infrastructure isn't put together in a 21st-century way? In that case, it still isn't only the state that benefits: criminals do too. As I said a couple of years ago:

If you were going to create a criminal enterprise based on bogus ID cards, who would you target? Probably the group with the least recourse to the law: illegal immigrants. This is exactly what has been going on in Malaysia, where a fake identity card issuing syndicate which cheated hundreds of illegal immigrants has been broken up by the police

[From Digital Identity Forum: New identity crimes]

Of course, there's a problem the other way round as well, with illegal immigrants being given documents that they are not entitled to.

In Pakistan and Malaysia a high number of illegal immigrants become legitimate because they acquire a biometric card. Illegal immigrants get into the system usually at entry points of the country. Entry points are governed by human resource. And human resource can be corrupted.

[From The Hindu : Life & Style / Society : A question of identity ]

I found a similar point being made in a story from the Yemeni News Agency.

When a Somali refugee who could not speak purely Arabic and insists that he is from Hjjah province, came to al-Thawra police station in the Capital Sana'a for ID, he was requested by the police station to present his documents. He was ready with his electoral card, neighborhoods' supervisor recommendation and ID copies of two witnesses as identification documents to get his Yemeni ID. As the concerned policeman wanted to stop the process of granting him the ID, his co-worker rejected that saying there is no excuse to stop or delay it because he has all the required documents and it’s the election committee's responsibility.

That's a different case isn't it? Why shouldn't people with the right papers get a national ID? The chap in question wasn't trying to bribe the police to give him an ID. Ah, but...

Police officers affirm that refugees can get IDs by giving bribes to concerned officials. These bribes are ranging from USD 500-1000. "Thousands of African refugees could obtain Yemeni IDs by bribing the brokers who have relations with civil affairs investigations and who in their turn allow the procedures to pass through," said a police station's officer. Many Africans had been arrested after finding out that they got IDs illegally, a policeman affirmed, but he did not mention the number, the place of their detention and the number of issues; whether they were referred to justice or not.

In fact what is going on here is even more interesting: some officials not only allow illegal immigrants to bribe their way to the papers that will get them a national ID, but they have an absolute incentive to do so, which is that you can't vote without an ID card.

An election committee chief in Hajjah province got surprised when he discovered that the number of the registered people in the electoral district is twice the population number.

The same problem crops up time and time again. Identity documents become the target of criminal enterprise and because they don't work properly they deliver terrific profits to the bad guys without really helping the good guys very much.

The most wanted are Serbian biometric passports, "which cost up to EUR 3,000", the article claims.

[From B92 - News - Crime & War crimes - "Albanians pay EUR 3,000 for Serbian passports"]

You can see the problem. If the state relies on an ID card to regulate its relationship with citizens and that ID card embodies certain entitlements (that is, it is not simply an identity) then the incentive to get one shoots up, because once you have it then you are "inside the wire", so to speak, and can act with impunity. So long as the card actually works, of course.

About 10% of the 24 million MyKad identification cards issued since 2001 had been replaced after they were found to be faulty.

[From 10% of MyKad identification cards found to be faulty]

If 1 in 10 ID cards isn't working properly, then people will get used to that fact, so if a criminal shows up with an ID card that doesn't work, the shopkeeper/doorman/whoever will assume that it's broken and take it at face value, so I could stick my picture on any old ID card, then put the card in the microwave to fry the chip. This isn't really progress, is it?



Faces

By Dave Birch posted Jun 9 2010 at 9:59 PM

[Dave Birch] As I blogged before, Consult Hyperion joined forces with Identrust to sponsor the Digital Identity Forum track on "Identity is the new money" at this year's European e-Identity Management conference in London on 9th-10th June 2010. It was a really enjoyable event, I have to say, so hats off to Roger and the team from EEMA. The morning keynote came from Emer Coleman from the Greater London Authority who showed us a video about squirrels and then went on to talk about something called the "London Datastore". I didn't really understand her slides, which mentioned Marx, The Wire, Mini-Me from that Austin Powers movie, a tumble dryer and the Chicago School, but I think it meant that they are going to start using open source, which is a good thing, and they are going to open up some public data, such as where the new cycle hire stations will be (although they don't know, since the sites are only indicative and you have to file a Freedom of Information Act request to find out).

This was followed by a panel discussion on the different "faces" of identity: ethical, legal and technical.

  • The ethical perspective came from Alexander Hanff, Head of Ethical Networks at Privacy International. Alexander noted the significant changes that have occurred in the UK in the last couple of weeks, with the abolition of the ID card, Children's Index and so forth. He was rather positive about the new Coalition and said that he expected more "positive changes" to come. I have to say that I wasn't clear on the vision, although he did mention transparency as a key element in the new identity and trust landscape, and that's something I do agree with.
    • He did mention in passing that most businesses are unprepared for the impact of European telecoms regulation. This isn't my field, so I didn't entirely follow this part, but it seems that the EU is going to require the interweb to spy on its users in case they are terrorists or something.
  • The legal perspective came from Kevin Fraser, Head of Data Protection, Ministry of Justice. Kevin explained the eight key principles of data protection.
  • The technical perspective came from Forum friend Kim Cameron, Chief Architect, Identity & Access, Microsoft. Kim set out some of the drivers for cloud computing and some of the challenges that it faces. He mentioned in passing the problems of synchronising data over the interweb, which is exactly the problem that I have noticed with Microsoft Exchange and Outlook (they seem to send megabytes of data back and forth). He asked, essentially, whether the costs of identification and authentication will erode the cost advantages of the cloud (I think not, because I expect standard platforms to arise) and pointed out, entirely accurately, that none of this has really been thought through. He was advocating a claims-based model and reminded people that this is about M2M as well.

I liked having these different perspectives brought together at the beginning of the event as it made for a good foundation for observations and questions in the Digital Identity Forum stream, where John Bullard from Identrust chaired the speaking session and I chaired the panel session: though I say so myself, it was an excellent afternoon -- many thanks to John Skipper, Vincent Jansen, Giles Sergant, Frank McCarthy, William Heath, Pete Bradwell, Robin Wilton and Henry Potts -- and I came away with a number of new ideas to take back to our customers who are interested in developing identity-based businesses for the mass market. I was specifically curious as to whether the panel and the delegates had any feelings about the potential for banks to be identity providers, but the conversation was much more interesting and wide-ranging. I'll put together a discussion of a few key points for the EEMA web site when I have some time.


Magic bullet it's not

By Dave Birch posted Jun 8 2010 at 9:08 PM

[Dave Birch] I was in a meeting recently, the context is not relevant, where some of the Consult Hyperion team were helping a customer to develop a roadmap that included a future transition to biometrics, and a discussion began about whether biometrics in certain kinds of mass market systems are about security or convenience (I'm convinced that they are about convenience, but that's another discussion) and, if they are about security, whether existing biometrics are "secure enough". "Secure enough", though, is a complicated assertion -- I'm glad to say, otherwise our risk analysis business wouldn't be around for long -- and this reminded me about a story from the Gulf about a woman who had been deported and then re-entered because her biometrics didn't match the ones of hers on the "already been deported" register.

Although there were glitches in the system when it started, “for the past three or four years, we have not heard of a single case of someone getting around this”, the representative said.

[From Iris scan fails to stop returning deportee - The National Newspaper]

But this is illogical, isn't it? If there were glitches in the system that allowed people to get through, then the bad guys would learn about this pretty quickly. People who are getting through on forged passports and not being recognised by the iris-recognition system are not going to report the system's failure. So how would anyone know? It's only when a failure comes to light through some other route that the failure is "logged". So while the system is apparently working perfectly, in reality it isn't. Let's hope that a more detailed investigation in the UAE reveals that this woman's irises were not scanned on re-entry or it will be back to the drawing board for many people.

As readers will know, I like the idea of a "gold standard" biometric database, comprising iris, face and finger biometrics, to ensure the uniqueness of identity numbers (and that's all). Adding biometrics to any identity system isn't a "magic bullet", but having a system that is founded on guaranteed uniqueness achieved through the use of biometrics might just be.


On the money

By Dave Birch posted Jun 3 2010 at 4:37 PM

[Dave Birch] As I blogged before, Consult Hyperion has joined forces with Identrust to sponsor the Digital Identity Forum track on "Identity is the new money" at this year's European e-Identity Management conference in London on 9th-10th June 2010. Having been through the usual juggling as people drop in and out, get called away to meetings and mess up their calendars, the final line-up is now as fixed as it can possibly be:

The Digital Identity Forum: Identity is the New Money
Sponsored by Consult Hyperion and Identrust

Session 1: Chaired by John Bullard, Identrust

13:15 John Skipper, PA Consulting
13:45 Vincent Jansen, Innopay
14:15 Sonia Rossetti, RBS
14:45 Giles Sergant, Touch2ID

15:15 Tea

Session 2: Chaired by David Birch, Consult Hyperion

15:45 Expert Panel on the Identity Business

Joe Norburn, Identrust
Robin Wilton, FutureIdentity
Jan Dart, Bell ID
Todd Facemire, Barclays

16:45 Expert Panel on Identity and the Consumer

Peter Bradwell, DEMOS
Henry Potts, UCL
Marc Dautlich, Olswang
William Heath, MyDex

17:45 Close.

Look forward to seeing you there. By the way, the promotional code EID10DIF will give your delegates 20% off one- or two-day passes.


Spot the looney

By Dave Birch posted Jun 1 2010 at 9:36 PM

[Dave Birch] I happened to be chatting to our friend Tony Poulos from the Telecommunications Manager's Forum about new service possibilities for mobile operators facing commoditisation and declining ARPUs, and one of the areas he got me to brainstorm was identity services.

One of the world’s leading experts in this field, David Birch, spent some time with me explaining how mobile operators, in particular, could actually become ‘smart pipes’ with financial transactions. The ‘secret sauce’ according to Birch, lies in the ability for operators to provide secure identification linked to the SIM providing private and public keys for multiple providers.

[From The 'secret sauce'? | Poulos Ponderings]

The mobile phone is the obvious "remote control" for identity, and I'm surprised that operators haven't moved into this space more aggressively (there are some exceptions, of course, such as Turkcell). This led me to think, again, about the nature of the value-added identity infrastructure that might be built.

One thing, I think, is clear: the goal shouldn't be to build a virtual version of the current identity "system". At the moment, the online world has a dysfunctional identity layer: it's not really anonymous but it's not really absonymous either.

Implementing an Internet without anonymity is very difficult, and causes its own problems. In order to have perfect attribution, we'd need agencies -- real-world organizations -- to provide Internet identity credentials based on other identification systems: passports, national identity cards, driver's licenses, whatever. Sloppier identification systems, based on things such as credit cards, are simply too easy to subvert.

[From Schneier on Security: Anonymity and the Internet]

Bruce goes on to note that in the real world, half-baked identity management schemes actually make matters worse, not better. You can't argue that having people sort-of-identified is better than having them not identified at all. It isn't.

We have nothing that comes close to this global identification infrastructure. Moreover, centralizing information like this actually hurts security because it makes identity theft that much more profitable a crime.

[From Schneier on Security: Anonymity and the Internet]

This is why I am naturally somewhat suspicious of attempts to slap identity on the ends of the network rather than having identity management as a value-added service that is part of the network infrastructure and quite distinct from the issue of which identities will be managed (in other words, the web server has PKI built in, but it doesn't provide the identities, it facilitates identity providers to do so). Simple solutions to this difficult problem -- along the lines of the Chinese attempts to have "real-name registration" of Internet access by decreeing that everyone has to present their ID number when connecting -- don't work.

Mundie and other experts have said there is a growing need to police the internet to clampdown on fraud, espionage and the spread of viruses. "People don't understand the scale of criminal activity on the internet. Whether criminal, individual or nation states, the community is growing more sophisticated," the Microsoft executive said... He also called for a "driver's license" for internet users. "If you want to drive a car you have to have a license to say that you are capable of driving a car, the car has to pass a test to say it is fit to drive and you have to have insurance."

[From UN agency calls for global cyberwarfare treaty, ‘driver’s license’ for Web users | Raw Story]

It's a bad analogy for a start, because cars are covered by product liability laws and Microsoft's software isn't, but the law on driving licences doesn't stop cars from being stolen, used in crimes and being in accidents. If there were an Internet driver's license, the 419 scammer wouldn't apply for one, he'd make a fraudulent one just as he would in the physical world, and then use it to open bank accounts and so forth.

Many of the forgeries are “know your customer” documents such as utility bills and driving licences, which are then used to open bank accounts under false names.

[From Police war on fake ID factories as fraudsters net millions | News]

Ah, you might say, but in the Internet world we can use cryptography and similar geek tools to stop people from forging licences. In which case, the scammers will still get their licences.

An Irvington, N.J., man who operated a driving school pleaded guilty yesterday in federal court to bribing Pennsylvania driver's license examiners to obtain phony licenses for his customers... Authorities said Lominy began paying bribes to a PennDOT driver's license examiner, Alexander Steele, in early 2009 in exchange for Steele issuing licenses to his customers even though they weren't Pennsylvania residents and hadn't passed a written test or driving exam.

[From He admits bribing PennDOT examiners to issue fake licenses | Philadelphia Daily News | 04/02/2010]

I see reports of people being convicted for taking other people's tests for them for money in the UK from time to time as well. So, an Internet driving licence? I don't think this is a way to improve security. I might go further and say that compared to this, the Monster Raving Loony Party's manifesto commitment to ban envelopes and force everyone to communicate via postcards looks more practical.

All sealed private letters to be banned - we propose that all letters must be written on postcards, and emails to be routed through police stations. (After all honest citizens have nothing to hide)

[From Official Monster Raving Loony Party - manifesto proposals]
