Welcome Back, Mr. Bond

These days, much of the world of the spy is rather mundane surveillance, rather than jumping out of airplanes or racing around on motorbikes, and much of the work is about joining up the dots rather than uncovering secrets. Think about the Russian invasion of Ukraine: Never mind CIA spy satellites, the position of troops and tanks could be found on social media! We are now in the era of what is called “open source intelligence”,?which General Sir Jim Hockenhull, the U.K.’s Chief of Defence Intelligence, says has proved to be a “force multiplier”. He says that the intelligence services need to shift to an operational model where they obtain most of their situational and contextual understanding through open source and combine this with our secret intelligence to support decision making.

It must have been much more exciting being a spy back in James Bond’s heyday. Now, biometric identification, social media and smartphones make it far more difficult to adopt a realistic alter ego and slip unnoticed into the crowd. Establishing a fake identity is the easy bit. The problem comes because a fake identity needs a real reputation and reputation, unlike identity, is hard to forge. It has a time component. It takes years to build up a reputation that will stand up to scrutiny! If you wanted to pretend to be someone now, you would have to have started building the fake LinkedIn profile a decade ago.

Things are definitely changing in the world of spies then. It’s not the world of Goldfinger anymore. For one thing, three out of the four directors-general of the British secret intelligence services, each of whom reports to the current “C”, are women and they include the head of technology (known as “Q”, after James Bond’s gadget man). One of them told the Financial Times that it had been an exciting career during "the days before biometrics", when she was making her way unnoticed from one country to another, often on foot, and changing disguises en route.

Those were the days. Imagine that one of these days James Bond dons a suit and grabs a fake passport in the name of Dave Birch, heads off to the casino for an evening of intelligence gathering with suspicious oligarchs and arms dealers. He heads through the main entrance, where his face is scanned and fed into the age verification system that is connected to the open banking “safe to spend” service and the police criminal records information system and the casino loyalty scheme before a screen flashes up “Welcome Back Mr. Bond, only another half a million to lose and your gold membership will be extended for another year”.

Oops.

Biometric identification seems convenient, but biometric authentication is a much better way forward and this should be our “default” way of thinking about security. James Bond heads into the casino and waves his smartphone over a scanner. The smartphone (or other device) gives up a Verifiable Credential (VC) that is a casino loyalty card in the name of Dave Birch. This is immediately checked in the casino’s back end system to see that Dave Birch has not been barred from the premises and presents a picture of James’ face to the doorman (since James would have registered with his face but a fake passport in the name of Dave Birch). This is why the Anglosphere should converge not on National Identity Schemes, but National Entitlement Schemes that keep identity out of transactions that do not need it (i.e., almost all transactions).

That’s only part of the solution of course. How is James going to pretend to be me all evening? Everyone else sitting around the Baccarat table has LinkedIn on their phones and because they are rich they will probably have access to some AI-powered face recognition service. This will make for very different spy movies in the future, I would imagine, because any casino will be full of revellers taking pictures of each other for their Snapgram and Instatok stories. By the time he’s finished his first martini, James Bond will be in a few hundred social media feeds and his location will already have been triangulated by Russian bots scampering around the web for precisely this purpose.

Hence my prediction for the next most important gadget for Q to develop and surely the next big fashion trend: adversarial makeup to defeat facial recognition systems. This already exists, by the way. A study from Ben-Gurion University of the Negev found that software-generated makeup patterns can be used to consistently bypass state-of-the-art facial recognition software, with digitally and physically-applied makeup fooling some systems with a success rate as high as 98%. Maybe James will be able to get into the casino as me after all.

Book Dave

Are you looking for:

• A speaker/moderator for your online or in person event?
• Written content or contribution for your publication?
• A trusted advisor for your company’s board?
• Some comment on the latest digital financial services news/media?