Feeling Safe on the Web: Are Online IDs The Wave of the Future?

Push_ZM.jpg
Zack Martin
Poste: 
Editor, Avisian Publications

Do you feel that your identity is safe when using the Internet? President Obama wants you, and other consumers like you, to feel secure online. Rising concerns over online identity theft and weak cybersecurity have led President Obama to task a group to help protect you and your online identity.


The United States is joining other nations in making online security a priority. Many citizens within the European Union (EU) have electronic IDs (eIDs) that serve as their national ID card, and allow them to validate their identity and access services online. Services include claiming social security and unemployment benefits or filing tax returns. Now, the European Commission is piloting a project that will ensure cross-border recognition of national eID systems and enable citizens to easily access public services in all thirteen Member States, not just their home country.
Back in the United States, it is thought that Obama's group, the National Strategy for Secure Online Transactions, will eventually recommend ways for consumers to be “vetted,” meaning establishing your identity with some type of background check, and then advising a technology you can use for better security when conducting business online.
Officials familiar with the project say the President wants consumers to use strong authentication, something more secure than user name and password, that adds another “factor” for security.
For example, user name and password is one-factor security, something you know. But additional factors can be added. A token or digital certificate, something you have, adds a second factor for even stronger security. This is called two-factor authentication. If you add a fingerprint or other biometric, something you are, it's increased to three-factor security. The more factors, the better the security.
It's not yet known what the National Strategy for Secure Online Transactions group will recommend for consumers but there are many potential technology options. They include:

One-Time Password tokens: In some parts of the corporate world these tokens are standard issue. Individuals enter a user name, password and then hit a button on the token that gives them a one-time passcode to enter as well. Because a legitimate passcode can only be created by the user's token, this creates a second factor of authentication, the "something you have." These tokens come in a variety of form factors, such as keyfobs or embedded in a standard credit card form. Some of the vendors also have released applications that enable users to get the passcode from a smart phone instead of having to carry around another token.

"Computer manufacturers also have started including smart card readers in laptop."

Smart Cards: which contain a secure microprocessor chip, have been around for a long time and are being issued by the U.S. federal government for employees' credentials. Computer manufacturers also have started including smart card readers in laptops, and the cost of adding one to a PC is nominal. Your smart card is used along with your username and passcode as your "something you have" to gain access to computer networks and Web sites.

Digital Certificates and Public Key Infrastructure: A digital certificate is just what it sounds like: a digital file that provides assurance of your identity. An individual certificate, another example of "something you have," can be stored on a USB drive, secured on a smart card or downloaded directly to a personal computer. A Web browser can then automatically check the certificate along with user name and password to enable Web sites for two-factor authentication. Public Key Infrastructure (PKI) is responsible for issuing digital certificates, ensuring the distribution of these certificates through a directory, and validating certificates. Deploying national PKI would be complex and expensive, though in the long run it may be the best option because PKI is one of the most secure technologies available, officials say.

“Biometrics is an example of “something you are,” and can be a fingerprint or an iris scan.

Biometrics: Biometrics is an example of "something you are," and can be a fingerprint or an iris scan. Although some computer manufacturers are embedding fingerprint readers into laptops, this is most likely a long shot for a nationwide secure authentication solution. If the scanners aren't included in a PC, they can be expensive. Other biometric options haven't made inroads to the desktop yet or are too costly.

Smart Phones: This, too, may seem like a long shot but some government officials see mobile devices being the key for online authentication. People will leave the home without a wallet or ID badge but rarely do they forgot their mobile phone. With Near Field Communication (NFC) on the horizon it could be identification rather than payments that brings the technology to the forefront, some officials say. NFC enables a mobile device to transmit information using the same protocol as the contactless smart card you may have in your wallet. The snag in this plan is that most PCs aren't equipped to read contactless smart cards and those readers are more expensive than those used for contact smart cards. But could the smart phone connect via a USB until contactless readers are embedded in computers? It's a possibility that wouldn't cost very much. Using the mobile device for identification would be less expensive than any other type of card or token. There wouldn't be any issuance cost because most people already have a mobile device. Users would just download the application onto the smart phone and use it from there.

Conclusions

After the National Strategy for Secure Online Transactions finishes its work, it's likely that a combination of these technologies will be recommended. You will be able to choose which technology you want to use based on your specific wants and needs. At that point the more interesting question is how consumers will be vetted and how the chosen technologies will be issued. For these answers, we just have to wait and see, but the end result should be a more secure online environment where you and your identity are safe.

---
Zack Martin, Editor
A tech-savvy editor and reporter with more than 12-years experience in emerging technologies publishing, Zack brings a strong focus in government and enterprise ID programs to AVISIAN. Prior editorial roles with industry publications such as IDNewswire, Card Technology, and Card Marketing add to Zack’s unique market insight. He is a graduate of DePaul University’s journalism program.

AVISIAN.com | SecureIDNews.com | ContactlessNews.com | CR80News.com | RFIDNews.org | RegardingID.com

Biographie: 
A tech-savvy editor and reporter with more than 12-years experience in emerging technologies
  • My comment
  • Comments [60]

Add new comment

26.06.2014 | Valentin wrote:

Definitеly believe that that you stated. Your favorite rеaѕon seemed to be on the net the easiest factor to take into
aϲсout of. I say to you, I definitely get irked while people think about worries that tҺey plainly
don't recognize about. You managed to hit the nail upon the highest and defined oսt the entіre thing wіth no need side effect
, other people can take a signal. Will likely bе back to get more.
Thank you

04.08.2014 | Get China and H... wrote:

I every time spenht myy half an hour to read this webpage's content
all the time along with a cup of coffee.

10.08.2014 | Beautiful 40 Ac... wrote:

Sparks said Wednesday he's worried the fee could be extended to chickens and other farm animals and
cause more meat to be imported. The bus ride to the National Western Stock Show was rather
jovial as we riders were served coffee, orange juice, and donuts, and many
passed the time by playing cards. If you choose to stay
at one of the above location the main problem you will run into is availability.

14.08.2014 | Super Pani wrote:

Helpful info. Lucky me I discovered your website by chance,
and I'm stunned why this coincidence didn't happened in advance!
I bookmarked it.

15.08.2014 | Information wrote:

Hello to every one, the contents existing at this site are really remarkable for people experience, well, keep up the good work fellows.

16.08.2014 | Locksmith Providence wrote:

My brother suggested I may like this web site. He used to
be totally right. This publish truly made my day. You can not imagine just how a lot time
I had spent for this information! Thank you!

18.08.2014 | essay writing s... wrote:

, he will have to collect information that support mercy killing should
be legalized and at the same time evidences
that support mercy killing should not be legalized.

There's a tendency for most admission essays to be boring
and lifeless if one writes it in the form of research paper.
Don't guess or figure you can go without knowing
a few things--that's the attitude that causes plenty of students to
receive F's on what could have been A papers.

19.08.2014 | I prefer a more... wrote:

Give her a feeling that you care for her and that you would go the distance to
help her in times of distress. Yes, you are overcome by her blinding beauty and her big.
If you're telling a woman about your recent trip to Cancun,
you don't have to include minute details such as the kind of food they served on the plane.

19.08.2014 | Kelli wrote:

I need to to thank you for this wonderful read!! I absolutely enjoyed every bit of it.
I've got you bookmarked to check out new stuff you post…

19.08.2014 | Sammie wrote:

"I left the aviation industry and wanted a more relaxed, flexible lifestyle. Depending on the wash cycle selected, initial wash cycle time estimates vary from 40 minutes for the shortest cycle to nearly 3 hours for the longest cycle. Going with a pro for appliance installation is the best choice you can make regarding your own health in this situation.

Pages