Newmark called some form of distributed trust system “the killingest of killer apps” for the web over the next decade (he said he wasn’t sure that was the best way to describe it, but was trying out to see how it sounded). He talked about “reputation and trust ruling the web, just the way it does in real life,”[From Craig Newmark on the Web’s Next Big Problem – GigaOM]
Do they rule real life? Consider the transactions that I’ve made so far today. I took a bus — no trust required, I paid with cash — and then bought a train ticket — chip and PIN, so no trust in me required — and went to a couple of meetings — we’ll come back to this in a minute — took the train home — no trust in me required since I had a ticket — and then took the bus home — no trust in me required since I had a ticket.
Clearly, though, there are situations where trust is important, and we have no cost-effective, functioning market solution to this at the moment. As noted elsewhere on this blog, there ought to be some form of two-sided market in place where multiple trust providers supply interoperable credentials to the “relying parties” (in the jargon).
Hey, this sounds like a service being worth paying for, just like the same relying parties pay for other services such as banking, telecommunications and energy. If there is value, a market can come and the growth will come by itself when the trust is organized properly. It’s just a matter of getting the industry act together. Let’s start looking for the business problems we are trying to solve with e-identity.[From Innopay – Payment Consultants – home]
Good point. In the meetings I went to today, one was with someone I’ve known for years but one was with a potential new customer. He’d been given my name by a colleague and dropped me and e-mail. When I turned up and gave him my business card, he took it on trust that I was who my card said I was.
There are situations, however, where that implicit trust can cause problems. Here’s one, so when presented with a proposal for identity infrastructure, ask yourself how the proposed scheme might help to solve a real-world problem such as this one.
As he entered the hotel suite, an elegant, slightly thick-set man handed him his card, ‘Paul Ogwuma, Director – Central Bank of Nigeria.’ Although Sakaguchi had never met Nigeria’s most senior banker, Ogwuma’s reputation in the world of international finance was solid. And he was there with his deputy, his deputy’s wife and a senior representative of Nigeria’s Aviation Ministry. The atmosphere at the meeting was both cordial and businesslike.[From The Banker and the Chief – NZZ Folio 02/09 – Thema: Parallelwelten]
A business card isn’t any more use than, say, a United Kingdom National Identity Card, since the person sitting across the table from you in a business meeting has no way of telling whether it is real or not.
As he awaited trial on charges of criminal conspiracy in his modest, neat home in Coita, just outside Sao Paolo, Nelson Sakaguchi denied that he had noticed anything fishy about the Nigerian deal. To this day, he swears he had no idea that his main business partner in the Abuja airport scheme was in fact Chief Emmanuel Nwude. Although uneducated and described by one lawyer as ‘a thug,’ Nwude demonstrated confidence and ability in wriggling around the sewers of Nigeria’s corruptocracy. He was a successful businessman but he was not, as he claimed at that London meeting, Paul Ogwuma, the Director of the Central Bank of Nigeria.[From The Banker and the Chief – NZZ Folio 02/09 – Thema: Parallelwelten]
The story is, of course, about a Nigerian 419 fraud. This one was on a particularly large scale because the victim was a leading international bankers and therefore unable to distinguish between real and fictional investment opportunities. Every time the banker, Nelson Sakaguchi sent the Nigerians another $3 or $4 million of the banks’ money, he expected the profits to come back. Instead, Chief Nwude and his accomplices requested a further payment in order to pay for fabricated legal fees or bribes. And as the banker’s losses mounted, so did the compulsion to pay out more millions in the hope of retrieving the ever greater sum invested, just like a gambler coming back to the table again.
Incidentally, and unrelated to the point of this post, the unfortunate Mr. Sakaguchi was
Sakaguchi… has spent almost two years in a Swiss jail for money-laundering (he was sentenced to 30 months). Ironically, he was found guilty of laundering the very money which the Nigerians were stealing from him.[From The Banker and the Chief – NZZ Folio 02/09 – Thema: Parallelwelten]
How different this story might have been if Mr. Sakaguchi’s e-mail client had simply flagged the initial e-mail as not coming from the Central Bank of Nigeria (because the digital signature on the message did not resolve in the Central Bank of Nigeria’s certificate chain or it Mr. Sakaguchi’s phone had displayed a red cross rather than the Chief’s photo after reading his business card. We have the technology.
These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]