Not long ago, an article was published on this blog underlining necessity to make a difference between processes of identification and authentication. Identification aims at learning who is the person I deal with. We can e.g. learn that the person is Mr. Smith from London, born February 6, 1970. Authentication consists in proving that this alleged Mr. Smith is really the person he claims to be.
Making the clear difference between these processes is useful for thinking about mobile ID concept. Recently, several companies, such as HID and Gemalto, introduced this idea, which is quite simple. A new application, virtual ID card, will be downloaded into user´s smartphone. There is no need to carry another card, a risk of loss is eliminated, the solution is cheaper than physical document production… many benefits. However, there are also some reasons to worry. Your battery can die at the awkward moment. Some social groups do not own smartphones, do not want them or are not able to use them. However, security is the critical objection. Statistics by antivirus company Kaspersky says that the almost one fifth of European smartphones contains malware. It is not so bad in comparison with the rest of world (one-half of China smartphones is impacted), but it is still too bad to implement personal documents into such an environment. We need to consider that substantial proportion of malware enables attackers to apply remote control of someone´s smartphone, including “watching” PIN entering.
A concept of HID covers this problem. Mobile ID would be useful for identification. Information about user´s name, address, birth, marital status and a serial number of the document can be stored in an ID application. In many situations, it is sufficient, when the user is asked for personal data in a hotel, transport, etc.
However, authentication is sometimes necessary. A user asks for cash in his/her bank, tries to enter a classified building or sometimes a policeman is too suspicious. For such situations, a user has his/her polycarbonate ID card with many security elements. This scarce using of physical ID cards enables to understand the importance of physical ID card. Users will be more dedicated to its protection; policemen will pay bigger attention to detail viewing of cards.
Altogether this would mean that a citizen is given a physical ID card and an ID application is downloaded into his/her smartphone. Provided he/she wants it. It is more comfortable than permanent carrying of physical documents and much more secure than crazy ideas such as a central biometric database.
BLOG společnosti OPTAGLIO 