The Idea Incubator/One ID

From Wikiversity
Jump to navigation Jump to search

The Problem[edit]

A single identifier can be used for secure authentication that will quickly and safely unlock authorization to a wide range of services.

We carry many charge cards, insurance cards, membership cards, and other authorizations such as driver’s licenses, etc. We identify ourselves to banks, employers, and financial services organizations using separate identifiers and account numbers for each organization. Yet each of us is a single person. What is needed is a single universal identification that can be used securely and conveniently to authenticate ourselves everywhere.

Today’s charge cards provide only weak security for authentication—assurance that the card holder is the owner of the card. As a result any imposter can use a stolen charge card.

The Solution[edit]

Provide a service that issues an identification number (or character string) that is unique to you forever, world-wide. This identifier can be manifest in a smart-card type device, and may also be stored in a smartphone, computer, web service, or electronic key fob. The identification may be additionally secured by a PIN or some biometric identifier. This ID can then work as a charge card, backed by any bank that has issued you credit, an insurance card backed by any company that has agreed to insure you, a membership authorization backed by any organization that has agreed to accept you, and so on. It creates a more natural binding of the “one ID” to the person, once and for all, and then is used as an index to access the authorization of the organization providing some service, such as a credit account.

To use the card for a purchase, present the card to the merchant. The card reader reads the ID and transmits it securely to a credit service, such as Visa or MasterCard. The credit service recognizes you, accesses your account, and extends credit for this purchase. The customer goes through the same steps as if using a credit card, but only one card is ever needed for all authentications.

Because only one card is ever needed, authentication security can be increased cost effectively. If the card is lost or stolen, it can be deactivated by authenticating yourself using a spare card or other secure identification and requesting deactivation of the lost card.

The ID number (or character string) can be chosen from a truly large address space, allowing perhaps 1030 unique identifiers. This ensures the ID can be assigned for life and never has to be reassigned to any other person. Also, using such a large address space allows the ID to include redundancy and check digits that can help prevent counterfeiting.

The identifier can be manifest on a variety of substrates. It can be printed as a character string, it can be embedded in a variety of electric storage media, it can be carried as a card, a key fob, or embedded as a microchip. It can appear as a barcode or as a QR code. It can be accessed via smartphone app, or worn as a tattoo.

The identifier can be secured by a variety of methods. It can be validated using legacy systems such as password or pass phrases. It can be validated by a variety of biometrics including fingerprints, retina scan, facial recognition, or voice prints.