Fox News reported on 1/8/11 that ” Obama Administration Reportedly Plans to Create Internet ID for All Americans“. Obama wants the Commerce Department to create Internet ID for all Americans.
Without getting into the political side, there are some key concerns that arise with a government issues Internet ID card. Digital certs will be implemented, but they are difficult to manage. Their main advantage is the non-repudiation feature – ensuring that an individual actual did something and can’t deny it later. But, to get that you need a central location to first authenticate that you are who you say you are. With all the fake and stolen ID’s out there can one really be sure of an individual’s identity anymore? That then may lead to fingerprinting everyone which brings up a whole new area of privacy concerns. Then who is going to check records and issue the cards? How much will they cost, who pays for it, and will it be such that only the “wealthy” can use the internet securely?
Gary Locke, Commerce Secretary, states “We are not talking about a national ID card. We are not talking about a government-controlled system. What we are talking about is enhancing online security and privacy, and reducing and perhaps even eliminating the need to memorize a dozen passwords, through creation and use of more trusted digital identities.”
If what Gary is saying is true, well that password security and management solution already exists with products like Power LogOn from Access Smart. To be up front, that is the product I helped develop and sell. Without going into a marketing/sales post (and I hate them too), please give me a moment to explain what it does.
So before waiting for a “national Internet ID card for the virtual world”, there are time-tested solutions available today.
Power LogOn is a secure, multi-authentication smartcard that stores URLs, User Names and Passwords to 100+ sites without the user having to remember or type them. Now with the user out of the logon process, they are protected from phishing, pharming, key loggers and other ID Theft attacks. Then for those companies with servers, Power LogOn can interface with LDAP, Active Directory and such so IT can manage their company’s information. It’s an Internet ID card that the individual or corporate IT Director manages, and not the government.
Passwords are not the problem with online security and identification. It is how we as humans with all our foibles that make accounts insecure. If you are interested in additional cloud security issues, please read my other blogs.
So before waiting for a “national Internet ID card for the virtual world”, there are time-tested solutions already on the market that can protect individuals and companies of any size today for a fraction of the cost of a government project.