The Internet has a dark side. It makes everything accessible as long as you have an access device, a user ID and a password. It also forces us to create multiple identities each with its own password. I don’t know about you but I can hardly remember the password for accessing my emails, online magazine subscriptions, bank accounts, online retail portals like Amazon, and so on.

The first time I watched Star Trek the Motion Picture, Captain Kirk had to go through a retinal scan to verify his identity. And I thought that is great. Experts said you can’t fake someone’s retina but the capillary veins that form the basis for the retina fingerprint do change over time, particularly for people who develop diabetes, glaucoma, retinal degenerative disorders or cataracts.

Retinal scanning is intrusive as you need to  push your face into a scanner. A more recent redevelopment, in the same vein, called iris recognition allows for us to a distance of two feet from the scanner to authenticate the person’s identity. Much earlier this year I was fortunate to witness a palm recognition system from Fujitsu Japan.

So it begs the question: “why can’t we have one universal ID and password that can’t be hacked, is portable, and truely secure?”

How many user IDs and passwords can any one person keep safely? Adrian Seccombe on the Jericho Forum Outlook on Network World wrote that on average a person has upwards of 50 identities at any given time. I don’t have that many but certainly just keeping track of what my user ID and password is for every website I visit regularly is causing my a lot of headache. At one point, it took me four attempts to get online with my bank before i finally figured it out. That included writing a letter three times to have my user ID and password reset because I forgot what my ID and passwords were.

I’m sure if this happened to my Mom she’d revisit the merits of having face-to-face time with a physical person at her bank never mind it took a good 20 minutes to get to her local branch plus another 20 minutes to queue during busy Monday mornings.

Is it possible for us to ever come to the point where we have just one universal ID and password that would allow us to access everything from bank accounts, to credit card transactions, to read and download our favorite subscriptions, etc.?

For sure work has been ongoing to create an identity management system that will is universally supported. The passport is by far the most universally accepted proof of a person’s identity – although we know that like other media, these passports can be tampered with.

In early 2007, Symantec claimed it has developed a new component of its Security 2.0 initiative that would create a universally accepted identity system across all Web sites, helping users manage their online identities in a secure way. Novell released a similar document on the same theme.

How far development has progressed remains a point of discussion? The issue we have at hand is that no single entity will ever likely be allowed to build and deploy worldwide a universal ID that would enable disparate systems, whether government run or business entities, to recognize the holder of that ID. It just carries the potential for bad as much as good.

So would we ever see such a universal ID and password coming to fuition? Certainly not in my lifetime!

Advertisements