[Dave Birch] We've often looked at the natural strategy of using identity infrastructure as the "front end" to payment infrastructure. To put it simply, if you have an id card in your pocket (or, more likely, your phone) wherever you go, then what's the point of carrying other cards around? Well, one reason is that if you only have one ring to rule them all, and that ring is lost, you're in schtuck (I think there's an idea for a book there somewhere). This is a valid concern.
A junior, who wishes to remain anonymous to protect her identity, had her ID card number stolen.
[From Identification card theft becomes a documented issue on campus - News]
Now, of course, in a developed nation (such as Germany, for example) this shouldn't matter, since there is nothing remotely secret about ID card numbers and they cannot be used to effect any transactions -- you need the smart ID card for that. But when the ID number is attached to something that has no inherent security, like a piece of cardboard, then it can be the root of mischief.
A week later, she decided to check her account balance at the Help Desk. The help desk printed her receipts, and she realized her laundry money account had decreased from $21 to $2.
"I saw a lot of Marvin's, but I hadn't ordered from Marvin's at all this year," the student said.
"I looked at the transactions to compare them," she said. "When I was in Chicago, my card was being used here, and once of my receipts said that I had charged for Marvin's at 6:46 p.m., when I had also bought food at the Hub at 6:48 p.m."
[From Identification card theft becomes a documented issue on campus - News]
This is the inevitable consequence of 1-factor authentication, just like magnetic stripes on credit cards. Fortunately, the story has a modern, happy ending.
Public Safety, who traced the Marvin's orders to a cell phone number, caught the perpetrator.
[From Identification card theft becomes a documented issue on campus - News]
Too funny: the master criminal who copied the ID card number down used his own mobile phone to order food using the number. Still, it's a serious point, and it has been discussed with relation to some of the national smart ID schemes that we have advised on: there's a reasonable concern that ID cards might be a target for crime if they can be used for payments, which is true, if the ID cards have no security. But suppose the ID cards have not only a chip on to prevent counterfeiting, but also a biometric cardholder verification method.
The much talked about Unique Identity Project (UID) is not just about providing citizens with biometric cards. In fact, the new identity cards can be used for multiple purposes and can even replace the debit or credit cards one day.
[From UID cards can replace bank cards - CIOL News Reports]
So, once again, let's be clear about these implications. An effective digital identity infrastructure sitting on top of a standardised "payments cloud" will completely reshape the sector. It will substantially reduce the cost and complexity of starting a new payment scheme, and will further substantially reduce the cost and complexity of running a new payment scheme.