Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

NGI Mobile Identity Utility


Published on

A talk on the use of mobile technology as infrastructure for next-generation electronic identity, using the Consult Hyperion "utility model" for identity.

Published in: Technology
  • Login to see the comments

  • Be the first to like this

NGI Mobile Identity Utility

  1. 1. <ul><li>Mobile phones and the identity utility Identity management for the 21st century </li></ul><ul><li>2 nd Workshop on Next Generation Electronic Identity The Hague, June 2008 </li></ul><ul><li>Dave Birch Director, Consult Hyperion. </li></ul>In the world of post-modernism, it is no longer clear that any one identity is “ r eal ” — Charles Raab, Professor at the AHRB Research Centre in Intellectual Property and Technology, School of Law, University of Edinburgh, speaking at The Life of Mobile Data, University of Surrey (Guildford: 2004).
  2. 2. Introduction <ul><li>Five minute problem definition </li></ul><ul><li>Five minute requirement specification </li></ul><ul><ul><li>The big picture </li></ul></ul><ul><li>Five minute solution design </li></ul><ul><ul><li>Mobiles, yes… </li></ul></ul><ul><ul><li>But how, exactly… </li></ul></ul>Identity is the new money Sir James Crosby in Challenges and opportunities in identity assurance , H.M. Treasury (Mar. 2008).
  3. 3. Author: Experience <ul><li>Director of Consult Hyperion </li></ul><ul><li>Experience from around the world </li></ul><ul><li>Organiser of the annual Digital Identity Forum </li></ul><ul><li>Driver of the Digital Identity blog </li></ul><ul><li>Associated podcasts (iTunes “Consult Hyperion”) </li></ul><ul><li>Detailed background </li></ul>
  4. 4. Author: Opinions <ul><li>Identity & Passport Service Forum </li></ul><ul><li>Parliamentary Committee witness </li></ul><ul><ul><li>House of Lords Constitution Committee (2006) House of Commons Select Committee (2007) </li></ul></ul><ul><li>Royal Academy of Engineering Working Group (2006-7) </li></ul><ul><li>Newspapers and magazines </li></ul><ul><ul><li>The Guardian , Prospect Columnist for SPEED and Financial World </li></ul></ul><ul><li>Editorial board of E-Finance & Payments Law & Policy </li></ul><ul><li>Television, radio and podcasts </li></ul>
  5. 5. Author: Books <ul><li>Editor Digital Identity Management (May 2007) </li></ul><ul><li>Editor Digital Money Reader (March 2008) </li></ul><ul><li>Co-Editor Digital Identity Reader (Nov. 2007) </li></ul>
  6. 6. A Five Minute Problem Definition <ul><li>Governments and goals </li></ul><ul><ul><li>E-borders and eBay </li></ul></ul><ul><li>Banks and legacies </li></ul><ul><ul><li>Bringing down the system from within </li></ul></ul><ul><li>Chat rooms and disclosure </li></ul><ul><ul><li>Don’t do as I do, do as I say </li></ul></ul><ul><li>Whistleblowers and credentials </li></ul><ul><ul><li>I must know what you are, not who you are </li></ul></ul>Passports in-country Meg Hillier, Minister for ID Cards, describing them to the Home Affairs Committee (March 2008).
  7. 7. A Five Minute Solution Markitecture <ul><li>Meaningless but unique number </li></ul><ul><ul><li>MBUN </li></ul></ul><ul><li>Biometric register </li></ul><ul><ul><li>To ensure MBUN unique </li></ul></ul><ul><li>Sectoral identities </li></ul><ul><ul><li>One-way mapping from MBUN </li></ul></ul><ul><li>Multiple virtual identities </li></ul><ul><ul><li>Of different kinds </li></ul></ul>But what would you do with a computer that’s not connected to the Internet? 12-year old daughter of a colleague, querying his decision to take a laptop on a camping holiday.
  8. 8. Utility: Universal <ul><li>What if identity isn’t a particular product or service but a (regulated) utility that works in both “first life” and in “second life” and that any individual, business or public body can use? </li></ul>The implementation would vary by circumstance, sometimes biometric or PINs, sometimes phones, sometimes cards, stickers, watches, hats, badges or T-shirts
  9. 9. Utility: Convenience <ul><li>Speed is of the essence, and now we have contactless and NFC we can deliver it to make identity work properly without getting in the way </li></ul>The weakest link in security is the fact that passwords are used… the Internet needs to move away from passwords and into the use of smart cards Bill Gates, speaking at Interop 2000 (ie, eight years ago)
  10. 10. Utility: No Special Gadgets! <ul><li>Everyone knows how to use a chip & PIN card without understanding PKI, tamper-resistant chips and secure personalisation strategies </li></ul>
  11. 11. Utility: Extensibilty <ul><li>People should be able to build new businesses using the identity utility without special permissions or licences, it should be like broadband or electricity </li></ul>
  12. 12. Utility: Symmetry <ul><li>It’s reasonable for a policeman to ask who you are, but it’s equally reasonable for you ask a policeman who he is, and it has to work so that my mum can check the gas man </li></ul>T he true identity of a counterparty may be the least interesting fact about them in a commercial transaction — John Browning in Wired . 5(11): p.65(6) (November 1997).
  13. 13. The Mobile Solution <ul><li>Connection </li></ul><ul><ul><li>Nexus between local and remote environments </li></ul></ul><ul><li>Processing </li></ul><ul><ul><li>More than enough processing power already </li></ul></ul><ul><li>Disconnection </li></ul><ul><ul><li>One, two and three-factor authentication </li></ul></ul><ul><li>Utility implementation that does not require new technology </li></ul>If I need to buy something quickly, I just grab my cell phone and run out the door Mihoko Iguchi, 43, Tokyo dress shop owner, Washington Post (19th December 2005).
  14. 14. The Mobile Roadmap <ul><li>Frameworks </li></ul><ul><ul><li>Standard “gateways” </li></ul></ul><ul><li>Authentication </li></ul><ul><li>Interoperability </li></ul><ul><ul><li>Federation </li></ul></ul>
  15. 15. Conclusions <ul><li>We have the technology… </li></ul><ul><ul><li>Smart cards </li></ul></ul><ul><ul><li>Mobile phones </li></ul></ul><ul><ul><li>Public key infrastructure </li></ul></ul><ul><ul><li>Biometrics </li></ul></ul><ul><li>We don’t have the vision </li></ul><ul><ul><li>Cardboard age concepts and </li></ul></ul><ul><ul><li>Computer age systems in </li></ul></ul><ul><ul><li>Communication age contexts </li></ul></ul>It is the business of the future to be dangerous… the major advances in civilization are processes that all but wreck the societies in which they occur Alfred North Whitehead (1861-1947)
  16. 16. For further information <ul><li>For more thought leadership… </li></ul> search for podcast “consult hyperion” or visit