About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

27 posts categorized "Connection & Disconnection"

Faking it

By Dave Birch posted Mar 4 2008 at 9:40 PM
[Dave Birch] I was in a discussion about this "internet of things" again today. It reminded me about my recent visit to the Automatic Identification and Data Capture (AIDC) European Centre of Excellence, which is in Halifax. They have a super facility with a shop, bank, hospital, town hall, library and main street set up on one floor of what I imagine to be a disused mill building. Their vision is to be able to demonstrate AIDC technologies (including some of our favourites such as biometrics and RFID) in "real" environments. During my tour, I came across a notable use of RFID tagging that flagged up -- once again -- just how widespread the use of RFID is likely to become and just how many niches there are for it to fill. I'm not skipping over the privacy issues. Nor, for that matter, are the European Commission...

One source told me that a requirement from the EU for consumers to positively opt-in to RFID in-store and for RFID tags to be decommissioned at the point-of-sale would kill RFID at item-level in Europe. Such a move, the source added, would put us internationally behind the curve, cost thousands of jobs in the RFID industry and be a terrible waste of a very useful opportunity.

[From Is the EU about to publish RFID privacy proposals? (Tune into RFID)]

Some form of RFID code of conduct -- such as the one that Toby Stephens wrote for Digital Identity Management -- is a good thing, but the opt-in and decommissioning ideas are not the right way forward.

Continue reading "Faking it" »

Of course, the camera adds 110lbs

By Dave Birch posted Feb 11 2008 at 2:07 PM

Unbelievable but true: I've been to London Fashion Week. And to prove it, here's a video I took at the actual fashion show...

Continue reading "Of course, the camera adds 110lbs" »

The internet of things 2.0

By davebirch posted Jan 9 2008 at 8:43 PM
[Dave Birch] Over on the Digital Money Blog, we're obsessed with the spread of NFC technology built in to mobile phones because it will have a disruptive impact on the retail e-payments world. But the technology will undoubtedly have an impact on the identity world as well, and not just because the NFC-enabled mobile phone is an ideal personal identity management device, but also because it bridges the local and remote environments to provide infrastructure for the internet of things: in fact, one might argue that bringing mobile into the picture (the internet of things 2.0) turbocharges the whole concept. The Auto-ID guys seem to think this as well. At the St. Gallen/ETH Zurich Auto-ID Lab, for example. They agree that NFC-enabled mobile phones could give consumers access to the EPCglobal Network. This isn't because NFC phone can read EPC tags -- they can't, because NFC technology, which operates in the high-frequency band, and EPC technology, which operates in the ultrahigh-frequency band, are incompatible -- but because they could link local devices that can read tags (Bluetooth-connected pens and that sort of thing) into the savant network needed to make RFID work in a useful way. It's possible, of course, that UHF EPC readers may be integrated into mobile phones in the future, though it's technically challenging because the readers drain a lot of energy from the phone's battery. What's more likely is that some applications will end up using NFC tags. I tend to favour this NFC direction on the overall roadmap, because it links to the wider demand for NFC phones. While NFC is still in pilot for most operators around the world, this is about to change as an increasing number of commercial launches are due to take place in 2008: while in the short term there still remain important challenges for the development of NFC-enabled devices, analysts are saying that in the long term NFC will be a feature supported on the large majority of the phones sold. This already the case in Japan, where NTT DoCoMo has FeliCa contactless technology embedded in about 80% of the phones they sell. There are no great technological or cost barriers for NFC to be integrated quickly into a wide range of devices, so this must stimulate a tag ecosystem.

Technorati Tags: , ,

Continue reading "The internet of things 2.0" »

Triple play

By davebirch posted Jan 2 2008 at 9:38 AM
[Dave Birch] Someone asked me about the idea of connecting contactless cards to PCs via USB (since PCs lack contactless interfaces -- or at least they do outside Japan). This is kind of product they were thinking about: a USB interface on a payment card, using the chip to generate a one-time password (OTP) for transactions. The card is emulating keyboard output so no drivers are required and it can work across machines or operating systems. A trojan could capture the OTP and redirect it, but that's a general problem with this kind of 2FA. But what's the point of using an OTP? If you can connect the card to the PC, and you're not bothered about keyboard input being subverted, then why just use EMV and do a level 2 transaction (using the PC as a POS terminal)? Oh right, it's a U.S. card.

Technorati Tags: , , ,

Continue reading "Triple play" »

Full house

By davebirch posted Nov 8 2007 at 6:15 PM
[Dave Birch] One of the reasons by the British government's IRIS scheme -- which allows frequent travellers such as yours truly to enter the country via iris scanner instead of showing a passport to an immigration person (or, at least, theoretically does so: I've given up using it because it never works) -- is so bad is because it is attempting to match against a large and growing database. This means that certain parameters have to be set to position the FAR/FRR curves in particular ways: if there's a doubt, keep him out! If, on the other, you are matching a biometric template one-to-one against a securely stored templates, you can set the curves to be more tolerant, more workable in real world situations. An example of how the IRIS probably should have worked. Nevertheless, the biometric authentication market continues to grow steadily, with interesting new implementations coming along all the time. One that caught my eye is the system being installed at The Venetian Macao, the world's largest casino, has deployed 13 VisionAccess 3D Face Readers in order to authenticate 12,000 employees at the front entrance when a new shift starts. Bioscrypt's 3D face reader is a hands-free biometric solution that authenticates users in under a second by matching the structure of the person's face against their enrolled template (ie, a one-to-one match). The readers function by shining a near infrared grid pattern on a user's face. A camera then takes a picture of the resulting distortions in the grid pattern to match against the template, which is stored in a contactless smart card (typically kept in a hip pocket). That's the way to do it.

Technorati Tags: ,

Continue reading "Full house" »

Chip the lot of 'em

By davebirch posted Nov 7 2007 at 9:02 PM
[Dave Birch] People are very squeamish about the idea of implanting RFID chips into themselves or others. I've no idea whether this is because there is some fundamental issue at stake or whether it's because the idea is just new. I've certainly heard of applications for RFID implants that seem quite reasonable to me. Tracking Alzheimer's patients by implanting a chip that can be read by doctors might well provide a lifeline to confused and vulnerable people in a time of need -- and I speak as someone with first-hand experience of the tragedy of Alzheimers. In this example, the chip simply has a 16-digit number. It is implanted in the patient's arm and read using a handheld reader (just like our old favourite the Baja Beach nightclub). The Verichip chip -- which is what is being used here -- was approved as a medical device in 2004 by the Food and Drug Administration (FDA) is currently being used in nearly 200 hospitals. I'm not sure if I'm as enthusiastic about the idea of chipping my children but I'm not sure why. It seems perfectly reasonable for someone to say to me "how come you put a chip in your cats, so that if anything happens to them the vet can identify them and contact you, but you won't put a chip in your kids?" and I'm not sure how I'd answer. There must be a philosopher, moral teacher or ethicist out there who can help!

Technorati Tags: ,

Continue reading "Chip the lot of 'em" »

Contactlessness and confusion

By davebirch posted Aug 20 2007 at 5:11 PM
[Dave Birch] Contactless payment technology faces adoption hurdles caused by consumers (and, I might add journalists) misunderstanding the difference between radio frequency identification (RFID) and contactless smart cards. In fact
Confusion between the two technologies could eventually impede the potential growth of the both the RFID and contactless smart cards markets
says Michelle Foong, an industry analyst at consulting firm Frost & Sullivan. The confusion is causing many consumers to worry about security. And not only consumers, but also lawmakers. Out in California, legislation to ban RFID is being considered in Sacramento that would ban the use of RFID, including high-security contactless smart cards, in many state government agencies and programs. While the intent is to protect the security and privacy of those who have personal information stored on RFID chips, many provisions in the bills are misguided and ultimately unnecessary. In fact, as the newspaper article correctly points out, if passed in current form the bills would stifle innovation hinder technology development instead of punishing bad behaviour. The source of the problem is of course misconceptions about the technology and its many applications. In particular (my hobby horse) the word "RFID" is used for every short-range wireless technology going yet it is not the "one size fits all" technology that some privacy advocates seem to think. There is a world of difference between a magnetic ink tattoo on a cow and an American Express Expresspay chip, yet they are somehow seen as being the same.

Technorati Tags: , ,

Continue reading "Contactlessness and confusion" »

My identity? Blue till I die

By davebirch posted Apr 5 2007 at 9:41 AM

[Dave Birch] The pride of association football, Manchester City Football Club, are also the pride of the smart card world.  The first football club in Britain to have an all-smart card (ie, no paper tickets) stadium, they have been blazing a trail in the use of NFC phones for entitlement and access control.  City equipped 30 fans at the beginning of the season with Nokia 3220 NFC phones to store ticket information and open stadium turnstiles when held against a contactless reader.

‘The trial proved the technology works and the feedback from fans of all ages has been positive,’ said Duncan Martin, head of retail at Manchester City (who described the contactless access scheme to the fifth annual Digital Identity Forum) says ‘We must now wait on the development of mobile phones equipped to accept NFC.’  Quite, but it won't be too long.  More importantly, he goes on to say that 'we believe that eventually more mobile phones will be used to gain entry to the stadium than smartcards.'  Duncan is a very sensible guy, so if he says that, I take him seriously.  It seems to me that the kind of evolution we are seeing here -- from paper, to contactless, to NFC -- will be replicated across many sectors, with the obvious implication that anyone designing an identity, entitlement or access card scheme today must be designing it with the roadmap to mobile in mind.

Technorati Tags: , , ,

Continue reading "My identity? Blue till I die" »

Aargh! Is this identity or money?

By davebirch posted Mar 23 2007 at 10:37 AM

[Dave Birch] I'm thrown into category confusion, because I wanted to mention the use of Octopus (ie, transit) contactless smart cards in Hong Kong.  As we have often discussed, the way in which Octopus has spread from transit to retail payments makes for an interesting case study.  But it is also the case the Octopus cards are being used for physical access control.  Since everyone, essentially, has one there is no point in implementing proprietary access control systems for offices or apartment buildings: you may as well just let people use their Octopus cards.  This always struck me as rather interesting, particularly given evidence from other markets that people might be reluctant to load too many functions onto one card.

Technorati Tags: , , ,

Continue reading "Aargh! Is this identity or money?" »

I'd like my stuff to chat more

By davebirch posted Mar 22 2007 at 6:23 PM

[Dave Birch]  The potential growth of the RFID market is "huge".  It's not just me who says this, but the "Information Society and Media" Commissioner, Viviane Reding told reporters at CeBIT.  She estimated that the European RFID market will grow from €500 million ($660 million) in 2006 to €7 billion by 2016. "We're strong in wireless, mobility and chip manufacturing, and we must develop this for RFID," she said. But the commissioner also warned that industry must pay greater attention to security and privacy issues. "We must make industry aware that the Internet of things must be an Internet for people".  That's a phrase I rather like, and it echoes some of our comments on this.  She also announced the creation of an "RFID stakeholder group," including representatives from industry and consumer groups. The group will provide advice to the Commission, which plans by the middle of this year to propose amendments to the e-Piracy Directive taking account of RFID applications. Also, later in the year, the Commission intends to publish recommendations for member states on how to handle data security and privacy issues affected by the use of RFID. .

Technorati Tags: ,

Continue reading "I'd like my stuff to chat more" »