We’ll be giving Barclays the finger next year

Dgwb blog white border

Biometric authentication against a device with tamper-resistant hardware is a good general-purpose solution for mass-market online login. For the foreseeable future, that device will be the mobile phone and that biometrics will be the fingerprint, but Barclays use of finger vein scanning is still interesting.

Special Feature: Electronic voting, electronic identity and electronic entitlement

Dgwb blog white border

There is a good way to fix the problems with voting, and it’s not with photocopies of gas bills or Railcards. Time for a National Entitlement Scheme.

Something must be done.

At Consult Hyperion, we are interested in electronic voting for three main reasons:

  • We are thought leaders in the digital identity space and electronic voting is a key “stress” application for digital identity;
  • We advise public sector clients on national identity and identity-related schemes (eg, the Irish Government’s Public Services Entitlement Card);
  • While people think about electronic voting in national and other political elections, there are a great many other applications of interest to our clients. A good example is the use of electronic voting for corporate purposes to replace postal voting at shareholder meetings, where the techniques developed for political elections could be used to reduce costs.

The practical deployment of, and experiences learned from the use of, new electronic voting systems are invaluable input into the wider question of identity infrastructure for a modern society, which is why we were delighted to be able to sponsor the 4th International Conference on e-Voting and Identity at the University of Surrey last year. This turned out to be an excellent event and we learned a lot about the different approaches to the problem, constraints, potential solutions and so on. As it happens, there are a great many practical problems around voting, and the solutions are complicated. But there are real social needs that must be addressed, and one of them has just reappeared in the British media.

Voters should be required to show photo ID at polling stations in Great Britain to lessen the risk of fraud, the Electoral Commission has said.

[From BBC News – Voters ‘should be required to show photo ID at elections’, says watchdog]

Personally, I’m in favour of voter IQ laws as well as voter ID laws, but there you go. While electoral fraud is not rampant in the UK, it is certainly not non-existent. The Electoral Commission in fact identified 16 out of the 400 local authority areas in the UK as being at risk, one of these being my own dear Woking, where we have a long and proud traditional of electoral fraud and only last year one of the candidates in local elections was found guilty of electoral fraud. The Electoral Commission highlighted the major problems that have been identified around postal voting (which I do not think should be allowed, but that’s another issue). Foreign readers might be surprised to learn that when you go to vote in the UK you simply give your name and it is crossed off of a list of eligible voters, much as it was when the first Viscount Watkinson was returned as Woking’s MP in 1950 when the constituency was created, or for that matter when Sir Talbot Buxomley was first elected MP for Dunny-on-the-Wold in the reign of George III. This arrangement is no longer immune from the suspicion of personation, so the Commission has recommended the use of photographic ID.

The research revealed that some people were concerned that a requirement for photographic identification would discriminate against certain groups of electors, who would not necessarily have any form of photographic documentation, such as a passport or driving licence.

[From Security Document World]

Similar issues are to the fore across the pond where the US voter ID situation is in a bit of a mess. If I understand the current situation properly, one of the problems with the just-introduced Voting Rights Amendment Act 2014, which is a response to the Supreme Court striking down part of the Voting Rights Act last year, is that there is potential for discrimination against people who are not able to obtain a “Voter ID” card. You can see their point. In other countries, this isn’t a problem, because everyone has some form of ID card. But in the US which, like the UK, has no identity infrastructure, then “systems” developed for other purposes will have to be sub-optimally commandeered. This is the sort of thing that is going to be proposed in, to pick a random example, Nevada.

The new voting system also would link with Department of Motorized Vehicle’s license database, allowing poll workers to visually verify the identity of the person attempting to vote.

[From Nevada secretary of state gets mixed reaction to voter verification proposal – Las Vegas Sun News]

Since the British government recently announced that it was going to put driving licence details online anyway, then I imagine there would be some pressure to use this database, despite its being known to be notoriously inaccurate. But what else do British subjects have to hand with a photograph on it, if not a passport or driving licence? My son could use his student ID card, I suppose (although I am rather against allowing students to vote, on principle) although I’ve no idea how it might be verified on the day. Perhaps they could ask us to sign to vote?

Untitled

On a recent expedition to New York I was asked for photo ID as condition of entrance to a well-known landmark. I produced the (expired) building pass for our Madison Avenue office as was waved through. Which illustrates what is to me a central problem: if I am required to produce a photo ID at a polling station, it will do nothing to prevent fraud. The polling stations are manned by local volunteers doing their civic duty, not by expertly-trained anti-fraud personnel who are skilled in the inspection and detection of counterfeit identity documents. If I show up to vote and present a driving licence, a Portugese fishing licence or an England football club supporter’s card, the polling station staff will have no means to verify it. As it happens, some UK pressure groups are against photo ID in principle anyway, because it discriminates against people who don’t have a photo ID. Consequently,

the idea of voters being requested to provide a non-photographic form of identification at the polling station was welcomed in principle by both the public and electoral administrators.

[From Security Document World]

This seems utterly stupid to me but it is certainly in the great British tradition of pointless activity! It follows the tried and tested political theory of “something must be done, this is something, therefore it must be done”. So the Mother of Parliaments will rest on a franchise that is protected by photocopies of gas bills, since as we all know, electoral terrorists dedicated to subverting democracy will be unable to forge those. Not that I can produce one anyway, because my gas bill is electronic.

Compared to this, the TSA’s decision to accept Facebook profiles as valid identity for boarding flights in the US seems sound. On balance, I judge it to be far harder to forge a plausible Facebook profile than a plausible gas bill, so if I turn up at the polling station and log in to the Facebook profile for David Birch (if there is a Facebook profile for a David Birch, incidentally, I can assure you it isn’t me) then they may as well let me vote.

The USA’s Transport Security Administration is accepting sight of a traveller’s Facebook profile as a form of ID, it has emerged.

[From Facebook profile accepted as ID at airport security | The Drum]

One can imagine that this approach might itself still be further secured by the addition of photo ID. There’s an app for that…

An upcoming app for Android, iOS, and Google Glass called NameTag will allow you to photograph strangers and find out who they are — complete with social networking and online dating profiles.

[From Facial recognition app matches strangers to online profiles | Crave – CNET]

So all we need to do is equip the polling clerks with Google Glass and job done? I don’t think so. I think we should think about what infrastructure is needed here and then work out the best to way implement it. There are a great many circumstances in which I would certainly imagine a Facebook profile to be a much better form of identification than a photocopy of my gas bill, but voting isn’t one of them, especially if there are already concerns about fraud.

But Electoral Commission chairwoman Jenny Watson said most voters could use passports, driving licences or even public transport photocards to prove who they are at polling stations. Those without any of these documents could request a free elections ID card, she added.

[From BBC News – Voters ‘should be required to show photo ID at elections’, says watchdog]

I am not making this up. Gas bills, Facebook profiles and railcards. That is where our democracy is in 2014. What a joke.

This is something.

The real solution is, of course, not using Railcards or football supporter’s cards, or indeed special-purpose election ID cards, but a general-purpose National Entitlement Scheme (NES). Few readers will remember this, but some time before the UK government’s last attempts to introduce a national identity card, there were consultations around a much better idea, which was a national entitlement card. As my colleague Neil McEvoy and I pointed out in Consult Hyperion’s response to this consultation, the “card” is only one mechanism for storing and transporting entitlements and in the modern age there might be better ones, such as mobile phones for example, that can not only present credentials but also validate them.

It is time to revisit that proposal to try and get the British government out of its muddle about identity infrastructure. A future administration will certainly have to introduce something, not only because of the issue of voting fraud but due to continuing concerns about illegal immigration, health tourism, benefit fraud and so forth. Suppose that the vision for national identity (based on the concepts of social graph, mobile authentication, pseudonyms and so on) focused on the entitlement rather than on the transport mechanism or biographical details? Then, as a user of the scheme, I might have an entitlement (ie, a public key certificate) on my purpose-built national entitlement card (so that’s some of the population taken care of), I might have a entitlement certificates on my bank card (so that’s the overwhelming majority of the population taken care of) and I might have certificates in my mobile phone (so that’s 99.9% of the population taken care of). Remember, these certificates would attest to my ability to do something: they would prove that I am entitled to do something (access the NHS, open my office door, buy things in Waitrose), not who I am. They are about entitlement, not identity as a proxy for entitlement. The government could give out free smart card readers (as they do in Spain) or leave it to the banks to distribute them.

In practice, I think the example set by a modern countries such as Turkey and Estonia are most attractive: I log in to the whatever with some pseudonym, the service provider sends a message to my mobile phone (over-the-air or via NFC or BLE in the future), the PKI in my SIM decodes the challenge and signs the response, and I’m connected. Securely and simply. And if other service providers want me to log on in the same way, they can issue their own certificates as well. There’s a similar approach to this in Norway except there the IDs are issued by the banks and used by the government and other private sector organisations. Imagine a national entitlement scheme that used this technology: it would be efficient and cost-effective, since it would use the phones that people already have to deliver services that they definitely want.

And, best of all, my phone would be able to check the entitlement presented by your phone, so none of us would need special equipment. I show up with my phone and claim that I am entitled to vote: my phone presents a meaningless but unique number, this is entered manually or automatically into the polling clerk’s phone which flashes up my picture if I am entitled to vote or a red cross if I am not. I show up with my entitlement card and the polling clerk reads it using their NFC interface, and so on. Instead of postal votes, the polling clerk can go to the old folk’s home and let them vote individually, certain that they are not being threatened or cajoled.

Should people be allowed to go one step further and simply log in to vote from home? For political elections, I think not. Voting must be in public in order to dispel any suspicion of coercion. Maybe it won’t have to be a polling booth any more (you could have general elections that last a week during which people can vote at Post Offices or bank branches or whatever), but it has to be somewhere public.

Therefore it must be done.

It seems to me that a national plan to finally do something useful about identity might obtain “parasitic vitality” (to use one of my favourite ID phrases) from the specific issue of voter ID. In the UK and in the US, this might be a way to both improve security around the act of voting as well as vector for deployment. Maybe electronic voting can be a focus to get the Cabinet Office’s Identity Assurance (IDA) scheme a flagship and get the public and private sector working together to deliver an infrastructure that will be of benefit to all.  I should mention in passing that we have been working with the Cabinet Office on one of their “Alpha Projects” in the North of England which, as it happened, included photo ID for authentication as one of the use cases.

I’ll be talking about the idea of National Entitlement Scheme (NES) in my keynote at the 17th annual Consult Hyperion Tomorrow’s Transactions Forum in London on 19th and 20th March 2014. Unfortunately, mine will only be the second most interesting keynote at the event, because the kick-off keynote will be by Felix Martin, the author of “Money: The Unauthorised Biography”. As always the Forum — thanks to the fantastic support from our platinum sponsors Visa Europe & VocaLink, and our sponsors Fiserv & Olswang — is limited to 100 places. Oh, and did I mention that all delegates will be getting a complementary copy of Felix Martin’s excellent book, by the way?

See you at the America Square conference centre on 19th March at 9.30!

The real wallet wars are about to begin, and they’re not about payments

Dgwb blog white border

The most important thing in digital wallets will be identity, not money. If you’re sick of listening to me about this, listen to @Jack.

The “hot five” retail transaction technologies for our clients in 2014

Dgwb blog white border

It’s traditional in blogs of this kind to have a go at a “top N” set of predictions for the coming year, so I’ll give it a bash and have a go at what I think will be the “hot five” secure electronic transaction technologies that will have our clients updating their roadmaps in 2014.

Anywhere, anyone

I’ve been reading Emily Nagel’s book “Anywhere“. She’s the CEO of Yankee Group and the book is about global connectivity revolutionising business. I hope she won’t be offended if I say that it’s an “airport book”, but it’s an accurate description, at least for me, because I read it on the plane. There’s something that bothers me about it, though. It has lots of stories and examples and narrative about ways in which business is transformed as it goes online, but it doesn’t have “identity” or “authentication” in the index and says nothing about the identity problems that will need to be solved in order to realise the full potential of connectivity. As I’ve often observed before, using my favourite Kevin Kelly classification, connection isn’t the problem: it’s the disconnection technologies that will shape the medium-term roadmap for transforming new technology into business models: once everything is connected to everything else, the business model shifts to the creation and management of subgroups within that single, giant internet of everything.

Here, things aren’t going so well. By coincidence, the Saturday newspaper that I picked up after putting down Emily’s book had a technology advice column, and there was a letter from a typical consumer in it. I paraphrase:

I have a long list of passwords for home banking, shopping, social networks, magazines and so on. I’ve put them all in a Word document. How can I encrypt it?

This is, in a nutshell, the state of the mass market today. We all have masses of passwords, we’ve been complaining about it since 1994, and nothing much seems to happen, largely (I think) because the costs of our time don’t factor into business models. And yet… we don’t seem to be evolving any better business models and we don’t seem any closer to better identity infrastructure. Should we give up? No! I say we should remember William Samuel Henson.

It is sad that the name of William Samuel Henson is largely unknown today. A man of great vision, he petitioned Parliament for permission to set up an airline — with a business model largely based on post — flying to Egypt, India and China. Parliament turned his proposal down on the grounds that it was 1843 and no-one had invented airplanes yet. Henson knew this, obviously, but could see which way technology was evolving and correctly reasoned that just because he didn’t know how to get an airplane off the ground (he had been involved in numerous experiments around powered flight), that didn’t mean that no-one else would. And when they did, there would be a new business to build on aviation technology. So he started thinking about the businesses that would make sense and, since the post had just been invented in the UK, he looked at how that might work in the future.

This is a parable of our identity space now. We can’t get the technology to work, but we know that someone will, so we’re trying to think of business models (I should be clear in our case: we’re trying to think of business models for our clients) that will make sense when the technology works. But we’re thinking about web browsing and e-mail because these have just been invented and they’re our equivalent of the post service. Maybe we should challenge ourselves harder to look at wider possibilities, start from the perspective of social networking, virtual worlds and Twitter rather than Alice sending her credit card details to Bob.

Facebook is better understood, not as a country, but as a refugee camp for people who feel today’s lack of identity-forging social experience.

[From Facebook: the heart in a heartless world | spiked]

I think many organisations should be focusing on the next phase of evolution of online business, and phase that will be fundamentally shaped by the emerging identity infrastructure. But we must be careful not to take what has just been invented (in this case, say, Facebook) and project it into the future as the key to new business models. We have to think more broadly to develop strategic roadmaps for business that can react to the general trends to exploit the technology downstream. An example? Well, it doesn’t matter which social network we’ll be using in five years time, we’ll still need to authenticate ourselves in a more effective way that a Word file full of passwords. It isn’t only me that thinks this.

The president wants consumers to use strong authentication, something more than user name and password, which will most likely add another security factor, say officials familiar with the project.

For example, user name and password is one-factor security, something you know. But additional factors can be added. A token or digital certificate can be a second factor, something you have, resulting in stronger two-factor authentication. If you add a fingerprint or other biometric, something you are, it’s increased to three-factor security.

[From NFCNews | Potential technologies that consumers may use for online ID]

There follows an interesting, but confused, list of options. I’d like to suggest a more straightforward taxonomy, based on a digital identity infrastructure (which doesn’t exist, of course). The article, to my mind, confuses the distinct bindings between the virtual identities that exist in the Net and the real identities that are connected to. This is why it is useful to introduce the notion of digital identity in the middle. So then we get the two categories of things that might be used to solve the

  • Linking virtual identities to digital identities. The article suggests that digital certificates and PKI might be a good way to do this and I agree. Think of a digital identity as a private-public key pair … tamper-resistance… smart cards, tokens, smart phones.
  • Linking digital identities to real-world entities. The article suggests that passwords will be supplanted by biometrics.

Each of these will be a separate business that operates according to difference scale factors (scale in the first case, scope in the second). I don’t know how to make them work, but someone will.

These opinions are my own (I think) and presented solely in my capacity as an interested member of the general public [posted with ecto]


Subscribe to our newsletter

You have successfully subscribed to the newsletter

There was an error while trying to send your request. Please try again.

By accepting the Terms, you consent to Consult Hyperion communicating with you regarding our events, reports and services through our regular newsletter. You can unsubscribe anytime through our newsletters or by emailing us.