We all have many plastic cards in our wallets — driver’s license, credit cards, healthcare cards and more. Many have some mechanism for exchanging data with a reader either via a barcode, magnetic strip or chip. Unfortunately, these mechanisms for exchanging data do not always provide the best authentication.
Barcodes are for automation, not identification
The use of barcodes, magnetic strips and chips, can automate the process of reading the information from the card but there is no mechanism to prove that the person carrying the card is the person to whom it was issued. Visual identification via a picture on the card can help but there is no proof that the card has not been altered. Some readers can employ external communication with the card issuer or a verification agent to confirm the data on the card but this is tedious and requires an internet connection.
Digital baby steps
We are starting to see visual representations of plastic cards being stored on smartphones. These can be used for identity verification because smartphones can present a barcode for scanning or can read a presented barcode. These types of exchanges require the phone and reader to be near one another. If you have used a digital airline boarding pass on your phone you know that finding the right position for scanning can be difficult, even when the reader is stationary. While that is a minor inconvenience when boarding an airplane, it can be a safety issue for a police officer during a traffic stop or confrontation. The peer to peer communication technologies in smartphones allow us to move beyond these type of barcode exchanges to a more secure solution.
Identification in the digital era
Smartphones can securely exchange data with one another over a short distance using wifi or Bluetooth connections. Digital identity documents can be signed by an issuing authority and securely transferred and stored on smartphones. Biometric authentication on the smartphone insures that the owner of the phone is the owner of the identity document stored on that phone. Security is improved.
Once an individual has been properly authenticated, identity documents can be issued immediately. Documents can be updated, replaced or revoked, as necessary. There is no need to physically travel to an issuing authority for a replacement and to wait for a plastic card to be printed and mailed. Convenience is improved.
During a verification request the owner can select the identity traits to share with the requester. You no longer need to reveal your exact age or birthdate to a bartender, but only the confirmation that you are of legal drinking age. Since data is transferred digitally, there is no awkward coordination of alignment for proper scanning of a barcode. Authentication can be performed at a safe distance. Safety is improved.
A survey by the National Coffee Association finds that 64 percent of Americans, age 18 and over, drink coffee daily. After factoring in the less-caffeinated casual coffee drinker, this results in 400 million cups of coffee consumed daily in the United States. That may seem like a lot, until compared with most European countries who […]
Identity and control of personal identity is top of mind, given recent events as well as the European Union’s General Data Protection Regulation (GDPR). A lot of our identity is shared without our explicit consent, gets stored in locations we are unaware of, and when compromised creates tremendous setbacks. Almost everything we do in the […]
You buy insurance — auto, health, life — because you want to be sure you and your family will be OK if anything unexpected happens. But as time drags on while you wait for a claim to be processed, you start to wonder if the benefits are worth the hassle and higher premiums. These negative […]