Manhattan Institute for Policy Research.
search  
 
Subscribe   Subscribe   MI on Facebook  Find us on Twitter      
   
     
 

Forbes.com

 

Secure I.D.s and the Net

August 13, 2007

By Peter W. Huber

PRINTER FRIENDLY

Count on it--as you're reading this, somebody, somewhere, has just fired up a lost laptop, or hacked into a server, that contains 100,000 names and personal numbers. And sooner or later one of those records will be yours. There is no such thing as "proof of identity" anymore, not for banking, credit, medical care, boarding a plane, crossing the border or collecting a tax refund. Not unless proof is supplied by technologies that the privacy police do their utmost to suppress.

Nothing you can recite over the phone, type on a keyboard or seal in plastic can positively identify you anymore. Your name and numbers, and what your pooch likes for breakfast, are all as insecure as the often porous phones, keyboards and networks you use and the sometimes porous databases in which the words and digits are stored.

Credit card companies are probably the best identity trackers around. No surprise there--identity is an information product, sold for profit. Nike (nyse: NKE - news - people ) manufactures it wholesale, with the swoosh on shoes; Citibank manufactures it retail. And unlike the passport office or the Department of Motor Vehicles, those companies have real money on the line. In the manufacture and sale of high-quality identity, profits provide stronger incentives than drunk drivers and terrorists.

So how does Citi gold-plate your identity? The plastic and magnetic strip are almost irrelevant--the Internet economy uses neither. Your personal credit swoosh is maintained, instead, by constantly monitoring your daily consumption of identity. Citi updates your swoosh every time you use the card. If your habits change abruptly, you get a buzz from a call center in India.

Then it gets interesting. The caller from Bangalore will try to check if you're really you, but if you're careful, you'll first want to check if she's really Citi. She can't risk telling you your credit card number, and you won't disclose the secret answer to the dog-breakfast question until you're persuaded that she's as real as you are. So she tells you instead that you ate at Jean Georges last night, and then adds that she's just wondering whether that was also you trying to buy four color TVs an hour ago at a pawnshop.

Your Citi-swoosh evolves every time you use it. The system works fast enough to be both practical and secure only because almost all the work is done by a huge digital network, constantly updated with new detail about your private life. For the bank the real you is the person who knows exactly where you wined and dined last night. You are what you eat.

But the purveyor and price of last night's feast is just one more little record in your portfolio, and it, too, can fall into the wrong hands. So to get even more secure than that, identity merchants will have to correlate and cross-check still more.

You'll soon be invited to add fingerprints, an iris scan and a voice print to somebody's files. Your Social Security number or computer password runs nine digits or so; a high-resolution digital bioprint could run 9 million. And the print never gets scribbled on a yellow sticky stuck to the edge of your screen or handed to the waitress at the diner or recited over the phone within earshot of someone else. A much bigger number is that much harder to steal or to crack by trial and error. But to recognize your eyeball from its end of the line Citi will still need to store its own digital copy, and even big files can go astray. Especially when the data get into Citi's file only by skipping from you through the scanner, diner and online merchant.

The real you is much bigger than your eyeball. It includes all the snapshots, all the different records that mirror your body or track your shopping, savings, debt, deeds, licenses, passports, birth and death. So one by one, the legitimate custodians who control all the checkpoints of life are going to ask you to let them network their various snapshots and update the composite you minute by minute. The real McSwoosh, the one and only you, will be the one that all the legitimate databases out there assemble on the fly.

If you recoil at the thought, no problem, just get to the airport two hours early and be prepared to answer frequent calls from India. But if you prefer to move securely in the fast lane of life, you have to embrace your digital identity, not fight it. In the age of digital networks, identity can be secured only by chopping it into pieces, storing the fragments in lots of different places and continually updating and sharing them at Internet speed. You can't hide, but you can run. To be true to yourself, that's what you'll have to do.

Original Source: http://members.forbes.com/free_forbes/2007/0813/064.html

 

 
 
 

Thank you for visiting us. To receive a General Information Packet, please email support@manhattan-institute.org
and include your name and address in your e-mail message.

The Manhattan Institute, a 501(c)(3), is a think tank whose mission is to develop and disseminate new ideas
that foster greater economic choice and individual responsibility.

Copyright © 2014 Manhattan Institute for Policy Research, Inc. All rights reserved.

52 Vanderbilt Avenue, New York, N.Y. 10017
phone (212) 599-7000 / fax (212) 599-3494