Digital Identity in Panicky Situations?
Debesh Choudhury, PhD
Information Security Researcher, Academician, Entrepreneur | Password & Cybersecurity, Data Privacy, Blockchains, Digital Identity, Biometrics Limit | 3D Education | Writer | Linux Trainer | Podcast Host
Digital identity plays a crucial role in our cyber existence. Digital identity is essential for online transactions and governance. Digital identity is a high valued digital asset. The economic value of digital identity is high enough to attract companies and people to summits and conferences on digital identity subjects. In one sense it is a positive sign. My inner sense asks a few questions. Is organization of digital identity events becoming a lucrative business? What about digital identity solutions for panicky situations?
Digital identity events are plenty
Every alternate day, we hear about a new event or a sequel to an earlier summit on digital identity or allied topics. All such events attract a large number of corporate sponsors and attendees from around the globe. Many of my online friends attend such events. Digital identity events attract a good amount of business around it. Organization of digital identity summits seem to be a lucrative business.
What do they "generally" do / discuss in those digital identity summits?
Most of these summits on digital identity either promote biometrics token based identity products or blockchain based futuristic solutions. In one hand they promote and sell biometrics-only products. In other hand, they show the "upcoming" decentralized digital identity solutions or the so-called self-sovereign identity. Do they miss any important issue of digital identity to be addressed?
Do these identity summits discuss about any solution or product for panicky situations?
To the best of my knowledge and belief, none of these summit, or a hand countable one or two, have considered to discuss a digital identity solution that can work in panicky situations, such as in sickness or old age, or in accidental circumstances. Not to mention the ultimate tragedy when "Internet is dead" like situation occurs.
Every digital identity platform must be able to tackle panicky situations
I am not a whistle blower, but am pointing to a grave situation a digital identity platform may have to face some day or the other. Every digital identity platform must be able to tackle panicky situations, such as personal tragedies, accidents, weakness due to old age or diseases etc. How can we be so sure that we won't face such sudden tragedies in our lives? Are the digital identity products of your company have got qualities or power to face these challenges?
What should a digital identity platform offer?
The new digital identity platform should be such that it can't be easily hacked. Even it is hacked, the privacy of the digital identity data should be protected. It should be easily accessible by all strata of the global citizens - both young and elderly, tech savvy and novice citizens. The security mechanism should be easily adaptable with the existing security technologies. The installation cost should not be very high or the new security technology should not require very complex technological and device infrastructure. Moreover, the digital identity solution must also be empowered to tackle panicky situations.
It appears that such a simple, secure and sustainable digital identity platform may be built utilizing the episodic memory based Extended Password System.
Do you think 'password is dead' for the future?
A part of the tech community promotes convenience-first biometrics as a security-first replacement of passwords. They are chasing after "passwordless" authentication with biometrics. What are your views about digital identity and the future of passwords and the authentication technology? I would love to get your views and suggestions. If you like this article, please click a generous "Like" or any other LinkedIn "reactions", and "Share" it among your acquaintances and network.
Join the LinkedIn Group “Identity Crisis: The Future of Password Security” to get updates about the future of password security, authentication technology, episodic memory based password systems and beyond.
----------------------------------------
Join me on Twitter, Medium, Facebook, beBee, Steemit and LinkedIn
More of my articles on Digital Identity, Cybersecurity and allied topics:
- Biometrics authentication is not reliable because it is probabilistic
- Passwordless is Like Living with the Lockers Always Open?
- Identity Crisis: The Future of Password Security
- The Biometrics Rush
- Can Cybersecurity and Quantum Computing be Friends?
- Does Cybersecurity have any Space for Digital Convenience?
- Security Ability and Convenience Bear an Uncertainty Relationship
- Convenience is the Weakest Link in Security
- Biometrics Liveness Detection May Help Criminals
- Can Liveness Detection Defeat Biometrics Spoofing Attacks?
- Biometric Data Breach Conundrum
- Is Biometrics More Secure than Text Passwords?
- Self-Sovereign Identity Depends on National Policies
- The Password Hole in the Cyber Bag
- Identity Dilemmas: Biometrics, Texts or Something Else
- Brand Identity, Digital Identity and Crypto Aspirations
- Digital Identity, Assets and Governance
- Decentralized Digital Identity: Which Distributed Ledger is Most Viable?
- Decentralized Biometrics: Is It the Ultimate Solution?
- Biometric Data Protection is a Big Challenge
- Reset Biometric Traits?
- Spoofing Biometrics isn't Impossible
- Privacy protection could have saved Aadhaar data breach
- Data Protection is a Big Challenge
For more articles, stories, and insights follow #DebeshChoudhury
* * * * * * * * * * * * * * * * * * * * * *
I am a researcher and academician of electronics and applied photonics. My current research focuses on Privacy Protected Digital Identity. My friend Jose Munoz Mata and I are researching distributed ledger technology for decentralized digital identity and other real world applications.
In June 2015, Dr. Jeffrey Strickland and I founded a new LinkedIn Group called "The Unfluencers". To learn about the history of "The Unfluencers" please read the seminal LinkedIn article by Dr. Jeffrey Strickland entitled -- "Who are the Unfluencers". This group is an open group. You are welcome to join this group and engage yourself in the discussions. The Unfluencer?? Logo is a registered trademark of Dr. Jeffrey Strickland.
Text Copyright ? 2020 Debesh Choudhury— All Rights Reserved
#digitalidentity #cybersecurity #biometrics #threats #spoofing #dataprivacy #datasecurity #passwordsecurity #technology #innovation #infosensys #dazlabsasia #learningtimes #debeshchoudhury #josemunozmata
Advocate of Identity Assurance by Citizens' Volition and Memory. Founder and Chief Architect at Mnemonic Identity Solutions Limited
4 年Below is my observation about the digital identity in panicky situations. We believe that it is the obligation of democratic societies to provide citizens with identity authentication measures that are practicable in emergencies as well as in everyday life. Can we presume that no citizens trapped in emergencies would ever lose any cards? Can we presume that no?citizens trapped in emergencies would ever be injured? Can we presume that no citizens trapped in emergencies would ever be settled and calm? As such we are suggesting that we could consider ‘Availability-First Model’ as a subject to be considered before discussing ‘Security-First’ and ‘Convenience-First’. It could be broken into three sub-models as follows. At the top layer should there be a sub-model that is practicable when we have lost the identity card and the likes. ‘Deployment of a secret credential’ and ‘Deployment of biometrics with a fallback secret credential’ would suffice. (It must be noted that security of the latter is lower than the former because the biometrics and a fallback secret credential must be used together in a security-lowering ‘multi-entrance’ deployment, while convenience of the latter is generally better than the former.) To be continued to #2
Advocate of Identity Assurance by Citizens' Volition and Memory. Founder and Chief Architect at Mnemonic Identity Solutions Limited
4 年I am of the view that 'password-less' authentication could be built only by ignoring the reality. Below is my analysis put forward in a bit comical way. "Inconvenient reality?" - "Ignore it and it does not exist". Being insufficient is different to being harmful? Ignore it and it does not exist. You will see a password-removed authentication that is more secure than a password authentication. By the same logic, you will also see a token-removed authentication that is more secure than a token-based authentication. PIN is no more than a weak form of numbers-only password? Ignore it and it does not exist. You will have a ‘PIN-based Password-less authentication’. Two factors used together in a security-lowering ‘multi-entrance’ deployment and the two factors used together in a security-enhancing ‘multi-layer’ deployment have exactly the opposite security effects? Ignore it and it does not exist. You will have the security-enhancing biometrics used with a default/fallback password in a security-lowering ‘multi-entrance’ deployment.
Wild Card - draw me for a winning hand | Creative Problem Solver in Many Roles | Manual Software QA | Project Management | Business Analysis | Auditing | Accounting |
4 年Digital IDs are worthless when the internet is down. Digital IDs are worthless when electricity is out. A lot of "panicky situations" involve either being out, such as disaster situations.?
Sales and Business at Shiva Industries
4 年Thanks for sharing the insight. I feel you are doing this in right way and right time.