Smartcards, digital identity and black holes
A presentation to the 5th Annual Smartcard Summit, Canberra, October 2009.
Recent history shows it is difficult to discuss digital identity, authentication and smartcards without being drawn into the black hole of an identity card. This presentation is chiefly concerned with breaking the nexus between smartcards and ID cards. Plenty of other commentators have questioned the fundamental needs for identity cards. Here we’ll come at the issue from the other side: what good is smartcard technology in online security and privacy? And how do we design smartcard systems to avoid creating a new ID card by default?
For the most part, we actually do a good job today of identifying people. In a few cases like banking, identification is regulated. But generally speaking identification is a local issue. Most business transactions are based on specific qualifications and credentials. The rules are not worked out centrally, but vary from one sector to another. Different identities apply in different contexts, such as when a lawyer signs off on a piece of conveyancing, or when a doctor signs a prescription, or when a customer signs a credit card purchase. A small business owner might have their personal and business bank accounts with the same institution, but they exercise different identities (that is, distinct cards and accounts) when she does business banking and personal banking. In the real world, all these different identities are reasonably well managed.
The most pressing problem in cyber security is to be able to use real world identities online, without fear of theft, cloning, replay attack, counterfeiting and impersonation.
Where there is a need to improve real world identification practices, as with immigration for example in some jurisdictions, smartcards offer special abilities to carry, protect and present identifiers and personal attributes, enhancing privacy and security at the same time.
The principles in this 5-year-old deck are as important as ever. In Australia we still struggle to conceive of strong authentication without invoking the dreaded "Australia Card" (an ill fated national identity proposal from the pre-digital 1980s). I wrote of smartcards in the '00s, but the same smart technology is now ubiquitous in mobiles . So as you read these old slides, in your minds, please substitute "smartcard" with smart phone.
The important thing is to conceive of a plurality of personal digital identities, secured within personal devices (hardware wallets) and each one presented intelligently in context, sending the right identity to the right service. Contemporary thinking and technologies - like the FIDO Alliance protocols - are even better suited now to handling discrete digital attributes in personal devices.
The way to avoid a national identity scheme is to equip citizens with secure, tangible, independently certified devices and diverse sets of relevant digital identity data.