A good ID verifying-device (card, token, whatever):
This certainly isn't a complete list of desireable characteristics, but it's a start.
- Does not contain or rely on biometrics. Generally can change, and once copied/forged one can never change the identifying information.
- Is capable of doing public-key encryption on-card. The information that identifies the person never leaks to the device. (Technically, this can be done with symmetric encryption as well in conjunction with a trusted centralized server, but this has some drawbacks.)
- Has a PIN, so that stealing the card is not sufficient to impersonate a person.
- Has a PIN entry keypad *on-card*, so that false readers and bogus ATMs cannot steal PINs.
- If any data must go back to the card owner, has a rudimentary display *on-card* (say, a calculator-style LCD display), so that a false reader or bogus ATM cannot say that someone is paying "$10.00 to WalMart" for something and actually having them pay "$14.00 to Joe Hacker".
- Should support a scheme where personal identity is not disclosed, but a persona is (my "persona" at the moment is "0x0d0a"). This is because any national ID card will naturally be used by other systems as well, and without this step, severe privacy abuses will occur. This requires use of a trusted, centralized server or of a card that can natively store multiple identities.
- Allows one to disable the trusted nature of the the card quickly and easily if it is lost, and in a manner that cannot be easily done by others (which would allow a denial-of-service attack against the card owner).
- Can handle water, crushing force, and high temperature.
- Can fit in a wallet.
- Should have the ability to log identity verification usage, so that the user can sync his card up with a computer or similar and check to see what he actually signed off on two days ago.
Anders Jacobsen |
[weblog / photography]