About The Blog

Debate at the intersection of business, technology and culture in the world of digital identity, both commercial and government, a blog born from the Digital Identity Forum in London and sponsored by Consult Hyperion



  • Add to
Technorati Favorites


  • Creative Commons

    Attribution Non-Commercial Share Alike

    This work is licensed under a Creative Commons Attribution - Noncommercial - Share Alike 2.0 UK: England & Wales License.

    Please note that by replying in this Forum you agree to license your comments in the same way. Your comments may be edited and used but will always be attributed.

20 posts categorized "Corporate & Campus"

The future is another (virtual) country

By Dave Birch posted Oct 14 2008 at 5:55 AM
[Dave Birch] In many countries the banks have begun to issue 2FA tokens of one form or another. In some places, such as Singapore, 2FA is already mandatory for home banking, and everyone is used to carrying around their token. In many companies, people use 2FA tokens of one form or another for intranet and VPN access. Authentication is improved tremendously, hurrah. But the "necklace problem" looms. The necklace problem is that if you need half-a-dozen different tokens to log in to your different bank accounts and corporate systems, not to mention government services, then you will have to carry them around your neck or risk not having the right one by your side when you need to do something. Oddly, despite the existence of (for sake of argument) SAML or OpenID, none of the tokens that I have in my possession are in the least bit interoperable. My Barclays token doesn't even help me log in to another U.K. bank, let alone the U.K. government or a corporate site.

Continue reading "The future is another (virtual) country" »


By Dave Birch posted Oct 6 2008 at 10:30 AM
[Dave Birch] The current issue of Scientific American has a special section about privacy (there's a podcast with the editor here) and it made for a diverting read for me, because I tend to see privacy through the digital identity prism rather than from a wider (albeit still technological) perspective. So instead of thinking about privacy in "mechanical" terms -- which digital identities are allowed to validate the credentials of which other digital identities and under what circumstances -- I've been thinking about privacy in social terms and wondering if this different perspective leads to different conclusions about the way forward.

Continue reading "Unscientific" »

Adriana Lukas, MediaInfluencer

By Dave Birch posted Jun 16 2008 at 11:29 AM
[Dave Birch] Adriana Lukas was one of the founders of Samizdata, one of the first political blogs, and went on to be part of the The Big Blog Company before becoming a social networking, well, guru, frankly. She is developing interesting new thinking about identity from a non-technical direction and in this podcast she discusses some of the key concepts, touching on hew work with Project VRM and "The Mine" tool.

Continue reading "Adriana Lukas, MediaInfluencer" »

"Real" and "virtual"

By Dave Birch posted Jun 13 2008 at 4:57 PM
[Dave Birch] At the 21st European e-Identity Conference, there was a presentation on the regulation of virtual worlds by Bart Schermer from the University of Leiden. I know we've discussed it here many times before, but I mention the presentation here because In the Netherlands (where the conference was taking place), the first virtual theft case is now being prosecuted. The case concerns the theft of €4,000 worth of Habbo Hotel furniture stolen by a "phisher" who obtained account passwords. Not only does this confirm that phishing in virtual worlds is going to be just as much of a problem as phishing in the sort-of-real world, it confirms that the virtual world might be a good customer for bank authentication systems. Of course, as a consumer I don't care if phishers get in to my bank account, because my bank will give me the money back. But I do care if they take over my virtual world avatar: Will I get my magic sword back?

Continue reading ""Real" and "virtual"" »

Second life, third age

By davebirch posted Jun 14 2007 at 9:49 AM
[Dave Birch] An evening out at the Financial Services Club in London, organised by the always interesting Chris Skinner. This time, the speaker was Tim Collins, SVP Experience Marketing, Wells Fargo (*). He was talking about participating in emerging online environments. He began by explaining what experiential marketing was: broadly speaking, it was something to do with interactive and authentic communications between the brand and the consumer. He covered social networking at a high level, ranging from MySpace and YouTube to CraigsList and LinkedIn but then moved on to explain what Wells Fargo had done, focusing on blogs and virtual worlds. I'm currently fascinated by the emergence of new kinds of communities so Wells' experience with the different kinds of blogs were rather valuable and Tim had some very clear insights, I felt, into the use of what we might broadly call social networking to support business goals, but I can't tell you what they were because we were told at the beginning of the seminar that we have to get permission from Wells Fargo to quote Tim and I can't be bothered to. But I will say that last year Tim was quoted in the Harvard Business Review saying that “An educated consumer is our best customer”.

Technorati Tags: , ,

Continue reading "Second life, third age" »

Virtual identity theft or identity virtual theft or identity theft virtually?

By davebirch posted May 16 2007 at 8:06 AM
[Dave Birch] We all understand how phishing is spreading from home banking roots to more and more online environments, not only in business but also in government. An example was the the Australian Taxation Office (ATO) warning about a phishing e-mail that used the ATO logo and came with the words 'Australian Taxation Office - Please Read' in the subject line. Claiming to offer a refund from the ATO, the message asks users to click on a link that redirects, of course, to a fraudulent web site. And never mind the real world, it's getting out of control in the virtual world as well, with the news that hackers -- most likely in China and Russia, apparently -- have been surreptitiously installing keylogging software on World of Warcraft (WoW) players' PCs, then hijacking their accounts and selling off their often valuable in-game assets. It's virtual burglary: when you log back in you've been e-turned over and all your stuff is gone. Try complaining about that down at Guildford nick.

Technorati Tags: , , , ,

Continue reading "Virtual identity theft or identity virtual theft or identity theft virtually?" »

Real law, virtual property

By davebirch posted May 1 2007 at 10:26 PM

[Dave Birch] A famous entrepreneur in Second Life, Anshe Chung, convinced YouTube to pull down an off-color video of her virtual self being harassed during an interview, an action that raised some interesting questions about the legal rights of the inhabitants of virtual worlds.  Anshe Chung Studios demanded that YouTube delete the recording, citing the Digital Millenium Copyright Act (DCMA), which generally requires Web sites to remove material that infringes on copyright laws.  The harassment took the form of animated penises attacking her avatar during an interview in front of dozens of audience members.  It looks as if real law and virtual worlds are going to be inseparable.

Technorati Tags: , , ,

Continue reading "Real law, virtual property" »

One to many

By davebirch posted Apr 23 2007 at 4:25 PM

[Dave Birch] A digital identity may map to many online virtual identities (ie, you might use OpenID to log in to World of Warcraft and the government) and it is this mapping that is usually being considered when we talk about managing virtual identities.  But a virtual identity may also be owned by several real identities.  That is, a husband and wife might both have the password to a single OpenID log in, or both have the PIN to the same smart card.  In fact, this arrangement will be common in the business world (ie, several executive officers of Consult Hyperion control the digital ID "Consult Hyperion").  This is a logical way to organise things.  However, the acid test of new structures like this is: what happens when something goes wrong?

Technorati Tags: , , ,

Continue reading "One to many" »

Where's the virtual Home Office when you need them?

By davebirch posted Mar 21 2007 at 7:11 AM

[Dave Birch] Let's be clear: there is something interesting happening around virtual worlds.  I'm not entirely sure what it is, and nor is anyone else, but the primal soup of computer-mediated communications, social networking and immersive 3D graphics is brewing and something will evolve.  This has ramifications for the world of digital identity because, apart from anything else, it changes the way that we think about identity (and multiple identity).  It seems to me that virtual worlds are beginning part of mainstream thinking: my evidence for this is that the moral panic that accompanies all new technologies that enter the mainstream is now under way.

Technorati Tags: , ,

Continue reading "Where's the virtual Home Office when you need them?" »

Meaningful and unique

By davebirch posted Jan 17 2007 at 5:21 PM

[Dave Birch] More developments in the digital identity laboratory that is the interface between the real and virtual worlds in the Far East.  The Chinese authorities are concerned that Internet users there are are accessing online games and web sites with fake identity card numbers to preserve their anonymity.  This is because some games and web sites need a name and identity card number when registering new users.  The result has been that Chinese gamers can download software that can generate fake identity card numbers given fake names and addresses.  The software can even forge the identities of residents in Hong Kong, Taiwan and Korea, so that Chinese gamers can get on to servers in those countries.

Technorati Tags: , ,

Continue reading "Meaningful and unique" »