Can We Fix Federated Authentication? 65
Bruce Schneier writes in his blog of a "New paper by Ross Anderson: 'Can We Fix the Security Economics of Federated Authentication?': There has been much academic discussion of federated authentication, and quite some political maneuvering about 'e-ID.' The grand vision, which has been around for years in various forms but was recently articulated in the US National Strategy for Trustworthy Identities in Cyberspace (NSTIC)."
Problem: There's too much potential money in it (Score:5, Insightful)
The basic problem is that a lot of people look at the possibility of being the go-to Internet identity service as being a huge money raiser. There are big network effects - you need a critical mass of websites so that anyone who wanted to do anything online would have to sign up for your service, and a critical mass of users so that any website that wanted to be quick and convenient would have to sign up for your service.
But once that critical mass was achieved, that's when the big fun begins, because you now as the established middleman have 4 potential sources of revenue:
1. Fees from each website that wants to use your service to verify identity.
2. Fees from each user that wants to use your service to identify themselves.
3. The sale of user's personal data to advertisers. (In the "achieving critical mass" phase, of course, they'll put in a privacy policy that says that they won't do this, but once they have enough users to dominate they'll quietly change the policy.)
4. Advertising on the website that you use to sign up.
And because you're the tool everybody is using, every new user or website pretty much has to use your service or risk being out in the cold.
A lot of companies have tried to get themselves in this position: Microsoft took a stab at it, Facebook and Twitter are still pushing for it, etc etc.
Re:Incentives aren't wrong, the program is. (Score:4, Insightful)
> *I* want to be the controller of my individual identity online
The whole reason for needing an e-ID is that I do not trust *you* to identify yourself. A third party we both trust is required, or you'll just pretend to be whomever you want and I'll be left holding the bag.
Obvious solution: (Score:3, Insightful)