My Christmas Wish List: Personal Identity-Persona Service
It is almost Christmas Eve. In the midst of an insomnia episode, I conjured up a crazy notion of making a Christmas wish list of things I want from a Personal Identity-Persona Service (PIPS). Your list may be different, but here’s mine.
- Secure Identity Bank Vault for my Identity Profile and Credentials. Of all the potential Identity Providers jostling for prominence in the market, I favor my bank the most. They take pretty good care of my money, enable me to selectively send some of my money to other people, and seem to be sensitive to the issues surrounding security, privacy, liability and potential cyber threats. I think I could trust them to take good care of my online Identity. Think of it as the bank providing a safe deposit box for all the Identity attributes that I want to store and use, and providing the means to selectively take out Identity attributes for presentation to other people. This vault should be located in a secure cloud, so I can get access from any computer or mobile device of my choice. I think this is a concept even my technology-challenged wife, mother and father could readily understand and accept.
- Really Easy to use Identity/Profile/Persona Editor. With my Secure Identity Bank Vault in place, I need a really easy to use way to fill that vault with my Identity information and maintain it over time. This will include the information I would normally include provide to an online merchant or social network, as well as subsets of such information that I can define for the purpose of presenting different personae to facilitate different online experiences.
- Multiple Levels of Identity Assurance or Validation. I want to make sure that other people can’t impersonate me by setting up a fake Identity Bank Vault for Mark Dixon that could be used to conduct illicit transactions. To do that, methods need to be in place to validate the claims I make about my identity, such as birthplace, social security number, credit card numbers, etc. Progressively rigorous checks of my background information will allow me to confidently present Bronze, Silver, Gold or Platinum Identity credentials to enable different levels of online interaction.
- Really Easy to use Persona Selector. I need the ability to easily select from a set of personae I have defined in the Identity Bank Vault. For example, I will most likely have one persona to use for online shopping, one for interaction with state government, and another for using my church website. This selector needs to be immediately accessible, probably in the browser toolbar. For mobile use, the persona selector needs to be easily accessed and presented by any online application that requires me to log in or pay for services.
- Multiple Levels of Secure Authentication. I want to make sure that no one can access and use my Identity Bank Vault or persona and credentials it contains without my explicit permission. In some cases, I may want to simply surf the web and virtually window shop by identifying myself with a user name and password. However, I would like to restrict access to any financial transactions or health care record access by requiring a digital certificate (probably on a USB fob) and perhaps with a fingerprint check (perhaps via that same USB device).
- Option to Use Separate Personae for Login and Payment. In some cases, I may want to use an Internet Persona to poke around the web, do some window shopping and try things out. I may want to log in to Amazon, eBay, Barnes and Noble or other merchants before I decide to buy. None of these merchants needs to know my credit card information before I decide to buy something. Therefore, I need an easy method for first identifying myself and subsequently presenting my payment method.
- Audit Reports. I would like to get an online “Identity bank statement” each month or on demand, detailing the my use of PIPS service. This would allow me to verify that all uses were legitimate and would help me determine if adjustments were needed in my profile or use of the service.
- Fraud Insurance. If a privacy breach or other unauthrorized use of my Identity or credentials occur through no fault of my own, I would like to be insured against possible damages. This would be similar to the fraud protection currently provided by credit card companies.
Of course, in order for a PIPS service to be worth much, social Networks, online merchants, government agencies and other relying parties will need to accept my PIPS profile and credentials. But wouldn’t it be great if I could maintain one set of Identity and Profile information and have that available for consumption by any merchant or social network, according to my wishes? I would be willing to pay a yearly fee for such a service, much like I pay certain bank fees now. Or, perhaps those fees would be waived if I maintained a certain account balance or averaged a certain transaction volume on a credit card issued by the bank.
Will something like this happen? I think so. Probably not in 2010. By 2015? I certainly hope so.
I like it Mark generally. I have often thought that the banking model should be used for personal healthcare, but the problem of course is that unlike banking where our money is consolidated, healthcare records are fragmented, in multiple formats even when digitized….
I particularly like the focus on ease of use, but think you have too many choices still for ave user. After all we only have one true identity, and it should be ours to control — no exceptions, whether banking, healthcare, or anything else.
I prefer encrypted finger print combined with password protection. .02- MM
Comment by Mark Montgomery on December 23, 2009 at 4:51 amMark:
Thanks for your feedback. I’m working on a piece for healthcare. I’d like to get your feedback when it’s done.
I agree that too many choices can complicate things. A good system needs to be flexible enough to accommodate the "power user" but simple enough for non-techies to master easily.
Mark
Comment by Mark Dixon on December 23, 2009 at 8:26 amMark, take a look at the work of the Kantara Initiative’s Consumer Identity Work Group, of which I’m Chair. I think your desires for a PIPS service are consistent with the goals of the WG.
The idea of a bank (or anyone else) acting as your identity provider presents at least two problems. The first is liability. What if a mistake is made, and an imposter is able to claim your identity? Is the bank liable in any way? Which gets to the second problem: What is the business model for the bank to act as your IdP? Can they make any money by doing it? Why should they accept any liability if something goes wrong? I think banks would need to really push something like this, and educate the public about why this would be beneficial, to get sufficient uptake.
Then there are the Service Providers / Relying Parties who will rely on an identity assertion from your bank. Are there sufficient incentives in place to motivate these SPs/RPs to care enough about who they are dealing with in high value transactions? Many SPs/RPs don’t want to scare off customers by requiring stronger forms of authentication, but someone eventually has to pay when fraud occurs. And payment may not always be monetary; there may be "payment" in terms of a damaged reputation.
I’m hoping the US government’s Open Identity Initiative, which is starting out with low assurance applications in which a person’s true identity doesn’t matter, will eventually spur progress towards greater deployments of high assurance consumer identity services.
Comment by Bob Pinheiro on December 23, 2009 at 10:20 amBob:
Yes, it appears that your Kantara Group is focused directly on the issues that I bring up in my post. And I agree that the business issues, such as how IdP’s make money and how RP’s can be properly incented to work with the IdP’s are the biggest factors delaying implementation of such a system.
I look forward to seeing monitoring your work with Kanatara and reading the white papers you are producing. I’d be happy to discuss my ideas and views in more detail if you would like.
Thanks,
Mark
Comment by Mark Dixon on December 23, 2009 at 11:25 amHi Mark,
I like the idea of the PIPS as you’ve described it, but as somewhat of a data nerd, there’s a further piece of functionality I’d like to see.
It’s an extension of your audit point, where you’re focused inwards on use of the PIPS itself – instead I’d like to see which SPs have my data, and whether they took a one-off copy from the PIPS IdP or if they have ongoing access.
Additionally, Ideally some kind of contract between the PIPS and the various SPs using my identity data that allows me – within the PIPS – to define how they can use my data.
Alas I fear the trouble with this utopian service is that typical consumers just don’t care enough to make it a viable business proposition.
Comment by Nick Taylor on December 24, 2009 at 4:32 amHi Nick:
Your idea of extending the audit process is a great thought.
I do share your fear that a viable business model that addresses both the complex functionality some of us techies want while addressing the much less complex needs of the majority may be hard to come by.
Happy Holidays!
Mark
Comment by Mark Dixon on December 24, 2009 at 6:07 am[…] it all in a secure manner, I’d like a service along the lines of that described by Mark Dixon here to manage it all;Â though as I commented on his post, I’d like something a bit more […]
Pingback by Nick Taylor – Watching my PII on January 6, 2010 at 3:26 pm