Skip the navigation

Experts look to digital IDs to boost Net security

Identity theft is eroding trust in the Internet, security experts say

By Scarlet Pruitt
March 11, 2005 12:00 PM ET

IDG News Service - Rampant identity theft is eroding users' trust in the Internet and could threaten to erase some of the progress companies have made in doing business online, security experts warned today.
One possible solution is to create digital identities to curtail ID theft, but the move also comes with liabilities, the experts said while speaking on a panel at the CeBIT trade show in Hanover, Germany.
"We actually run the risk of taking a step back on the Internet. We're starting to see a lack of confidence and even worse, companies are scaling back what they are doing on the Web," said Art Coviello, president and CEO of RSA Security Inc.
Beat Perjes, head of IT security architecture at Credit Suisse, said that the customers at his bank are still doing online transactions but are also asking a lot more questions about whether it's secure. This is a concern because what banks actually sell customers is trust, Perjes said.
Cases of online identity theft have gained prominence in recent months, and the U.S. Federal Trade Commission has labeled such theft as one of the fastest-growing types of consumer fraud. Internet users are reporting cases of unauthorized access to their online bank accounts as a result of phishing scams and the increased prevalence of spyware, which can record users' passwords and log-ins.
Digital identities, which provide two measures of authentication, could help improve Internet security, as well as having various other uses, such as digital passports, the experts said. Dual authentication often involves something a user knows or possesses, such as a smart card, and something that he is, which can be represented by biometric information, Coviello said.
"Password-only IDs should be a thing of the past," said Detlef Eckert, Microsoft Corp.'s chief security adviser for Europe, the Middle East and Europe.
In addition to improving online security, digital identities would also allow users to reduce the number of credit cards, loyalty cards and other proofs of ID that they carry, the experts said.
Smart cards, digital passports and national ID cards could carry information for multiple purposes, as long as the authenticating body is trustworthy. So, if multiple credit cards were stored on a smart card, each credit card company would have to trust the other company's means of identifying and authenticating users, the experts said.
Authentication done by one body and then trusted by another is called federated identity, said Hellmuth Broda, chief technology officer at Sun Microsystems Inc. Broda is also the spokesman for the Liberty Alliance Project, a consortium of more than 150 companies working to develop

Reprinted with permission from IDG.net. Story copyright 2014 International Data Group. All rights reserved.
Our Commenting Policies
Internet of Things: Get the latest!
Internet of Things

Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!