For those who haven’t been following the ID theft scene, there’s this new campaign to launch a giant server which stores everyone’s public information. It’s being launched under the guise of “identity theft protection,” and is thus being called an “identity authority.” Theoretically, it would store all transactions done by a particular consumer in the effort to monitor whether someone’s been the victim of identity theft, and to authorize them as the proper owner of their own identity.
This is the brute force solution to identity theft. As we know from software, the brute force solution is seldom a good one. In the case of monitary transactions, at least, there is a much more elegant (but still obvious) solution involving public key cryptography, a field whose implications I’ve become more and more interested in recently. For the ignorant, public key cryptography involves two critical pieces of data: a public “key”, which you publish everywhere, and a private key, which you keep to yourself. You can encrypt data with one, and decrypt it only with the other. So say I have some secret information for my friend. I encrypt the data with my friend’s public key (which everyone can see), send the encrypted data to him, to have him decrypt it with his private key. You can transfer this over any public medium, as no one can tell what it says except the holder of his private key. Okay, most of you probably knew all of that. You’ll probably know this, too:
You can use this to make stealing credit cards much, much harder. What we need is a new style of credit card. In the current situation, you pass credit card numbers around like currency. Oh, I want that piece of furniture; here’s my credit card number. Anyone with the credit card number can charge things to it. If you work at Baskin Robbins, all you have to do to steal it is take it into the back room and copy it down while you’re charging something to it. This is clearly a very insecure means of transfer.
So you make a new kind of card. This one has a computer chip in it (what doesn’t these days), supposedly one whose procedure you trust; its operation is no secret and should be easily verifiable. The chip has your private key on it, and the bank has your public key (and will readily give it to anyone who asks). The chip should be able to generate a message encrypted (or even just signed) with your private key that looks something like:
Charge USD 3.50 to Baskin Robbins on 2004-7-7 07:06GMT from acct. 29348516 (Luke Palmer)
This message would be sent to your bank (again, anyone’s allowed to see it on the way) where the bank carries out the transaction. They know it’s you who issued it because your public key is the only one that correctly decrypted it. Since the message is public, you could keep one for your file and show in court that it matches your key should any funny business be carried out by your bank.
Note here that there’s no “authority.” The bank is the closest thing to it, and it doesn’t have any information everyone else doesn’t have. There’s also your card, which has the most important bit of information on it: your private key. But since the card itself generates the transaction signatures, you can’t see the key on its way out, and you’d have to be in physical possesion of the card to use it. And these things can be canelled, just like they can now.
The only need I see for an “identity authority” is so Microsoft can do free comprehensive market research. :-)