Protect real people, not identities!

Digital identity, mobile ID, federated identities, ID management – these and similar terms that used to be part of IT world now often get into the centre of discussions about security, service delivery and even philosophy of attitude of states towards their citizens. And, of course, significant technology projects with huge budgets.

There are even approaches that have silently accepted the assumption that information systems can be the real base od identity policies. Physical authentication processes can be thus derived from information systems. Some even suggest replacing of physical ID documents by mobile applications, a de facto extension of central information systems.

How fascinating are these new ideas, common sense should still be applied. Otherwise, it may happen that their implementation will lead to the creation of the world where digital ID and secure personal information sharing work perfectly, nevertheless it is not possible to authenticate many real-life persons.

It is thus useful to come back to earth regularly, leaving the world of technical details and sexy concepts, asking a simple question: Why we do it?

The answer is: To enable Mr. Brown from Crawley, West Sussex to proved that he is Mr. Brown from Crawley, West Sussex, and not someone else. To protect other people from being misled by Mr. Black claiming that he is Mr. Brown.

It should be reminded again and again that protection of abstract identity is not the goal. Security of a person is the goal. Protection of a citizen with his/her look, place of living, contacts and relations. Identity management is just a tool to enable this particular citizen to be authenticated, even if he/she leaves his/her home.  It is critical. Most effort and investments should be concentrated here.

An information system is just a tool. A record in the system is just a reflection of real physical identity. If the record is deleted, Mr. Brown is still Mr. Brown.

Shared digital ID, biometrics, mobile applications etc. can work only above this firm base. The entire system of electronic ID management falls down if it is not possible to prove physical identity unambiguously and undeniably. There would be no difference between real Mr. Brown and an anonymous account at a social network.

The critical question is the following: Is physical identity protected so strongly that it can be the base for digital identity? Is physical identity protected against failing of electronic tools? The answer points toward physical ID card with ultimate protection against all types of attacks and process of its issuing.

Optaglio, the global leader in high-resolution security holograms and a research organisation, can help with the following:

This portfolio is not closed because Optaglio´s research units innovate continuously.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s