Dastardly Double Identities
Just when you thought the thinking about id cards could not be more unjoined along comes a new project that makes the Queen of Hearts control of Wonderland seem the model of consistent and logical thought.
I am indebted to my good friend Grant Mearns for pointing this one out to me.
The government, not content with one identity project have got two on the go. The second project provides "Level one" proof of identity as some kind of "entitlement card" for government services.... it knits the services together into a common sign on.... so apparently the ID card is just providing better (level 3 in government terms) security. Hmmm so why is it costing £6bn if all it is is cards terminals and a simple login database? Surely all the costs of reconstructing the databases of all the govenment departments is falling under this "stealth project".
How much will this all cost ? I think we have a right to know. Perhaps if you split the projects in two give them different names you wil be able to hide the true costs from the public accounts committee.... oh perish the thought.
Government ID cards continued
The saga continues. Now the House of Commons are getting in on the act.
The government estimates of a cost of £5.8bn are in themselves shocking, but more shocking is the fact that these are just the costs to the Home Office!!!
My personal views from having been one of the advocates of chip cards at Barclaycard are not those of a luddite or anti-card person, but i have BIG reservations about these id cards
1) Cards are a distributed database... that means you freeze your technical upgrade path at the speed of renewing the oldest card. The cards are linked to passports which means potentially you have a 10 year renewal cycle. So once implemented you cannot upgrade or respond for 10 years to any flaws without incurring costs
2) One of the main learnings from the banks is that the cards wear out much quicker than expected. There is a cost of renewal which is high when you are authenticating identity. Now this point does not mean that point 1 is negated because the cards wear out on usage and say 60% of cards get used regularly, the problem is about point 1 is that you cannot upgrade systems for 10 years because some guy will put his id card in a drawer and only trav3els abroad once every 10 years. The problem abbout point 2 is that failed cards will dramatically increase the re-issue of cards and re-authentication process for the 60% who use them regularly.
3) Biometrics do not "prove identity". You can only ever "prove data". You are in biometrics trying to prove that the data generated by the image of a persons say finger print or cornea matches the data held on a datbase within a given margin of error. The problem here is the word database... how likely is it that the data on the data base will be accurate and if it is not how do you go about regaining your identity?
mashup - great success
What a fantastic night!
Great speech by Sam Sethi, good panel, lively debate and good networking afterwards.
Big relief frankly that so many people found the subject interesting ... I was beginning to think I was a bit wierd.
Looking forward to the next one.
ID cards thrown out by House of Lords
The House of Lords have thrown the Govts ID card bill out on the grounds that the cost is unclear.
I suspect that they will prove to be playing Cassandra shouting her warning at the gates of Troy, whilst Ministers bring their captured wooden horse right into the centre of the city.
I can be damned pompous when I want to can't I?
- Posted by roger on 20/01/2006.
- 2 comments
Canals and Trains
Nothing is ever really wholly new.
No matter what technology gets invented, you can find a historical precedent for the type of change the new technology will bring to pass. You may not find the technology, but you can find an analogous change and learn from it.
Like most people brought up in the British school system, I used to think think that the UK Canal system was quickly put out of commercial use by the invention of the railway locomotive.
I was wrong and I am indebted to The Oxford History of Britain edited by Kenneth Morgan for putting me right and for teaching me a valuable insight into the development of modern society.
Canals were introduced between 1770 and 1800 as the cutting edge of transport/communications technology. Their introduction herralded a speculative bubble which quickly financed the building of all of the sensible navigable routes that could be exploited. The early 1800s saw a period of spectacular returns for the early investors in Canal technology. The Oxford Canal produced an annual return for its investors of 30% pa and as an industry returns averaged 6% - 8% at a time when Government bonds were paying just 1/4%.
Railways were invented in the 1830s and by the 1840s a speculative bubble developed around their introduction. Everyone could see the money being made by the canals and speculated that trains going faster would achieve even better returns. The speculation was fueled by George Hudson the "Railway King" who by 1845 owned 1/3rd of railway lines in Britain and was delivering fantastic returns to his early investors.
Unfortunately, for Mr Hudson's subsequent investors, it was a scam. Mr Hudson was using the money raised in later schemes to pay dividends to his early investors and the rumours of these fabulous returns were being used to attract fresh victims for his schemes.
Skydentity
The recent purchase of Easynet by BSkyB is obviously motivated by a number of well documented business reasons and looks to be a good move by Sky although i am not qualified to say whether the price is right.
What interests me is the history of Sky Interactive and the implications for that division.
I used to run a company that supplied Sky with mobile top up using the so called set top box "back channel". This was in fact a slow dial up internet connection running from the set top box and accessing web pages marked up in a variant of WML.
The interface was cumbersome and slow and not many people used it, but it did have a means of identifying the identity of the household in which the set top box was located. This was only available to Sky, but it proved very effective in cutting down fraud. You could know with absolute certainty that the set top box accessing your website was accessing from say 54 Lobelia Drive, Cardiff.
You would have thought that this advantage would have proven compelling.
One of the problems with Sky Interactive is the fact you have a distributed data base of set top boxes that cannot be updated remotely and are really rather unintelligent devices. Even though the consumer owned those boxes, it was Sky that had sold them to them - so leaving the older boxes behind was not an option. Millions of hours must have been spent testing every Sky site against each and every set top box.
At one time not so long ago, we all looked at Sky's 7.8m UK households connected to Sky Interactive and the fact they had an in built charging mechanism and identity and thought it would be a close run thing between interactive TV and dial up internet connections.
Now most people would say TV type entertainment through the internet is a realistic competitor to TV but that internet through set top boxes was not a likely winner against the Internet.
Civil Service Benevolant Fund
Well it seems that whilst the civil servants who run the UK have been making the tax system so complicated that they themselves can't understand their own rules, at the same time they have been making life easier for fraudsters. Who have been making claims in the Civil Servants own names... making away with an estimated $2bn
You couldn't make it up, could you?
Why should anyone in the UK trust them with their personal data if they cannot protect their own staff?
Rites of Passage and other issues of identity
Kim Cameron speaks eloquently in favour of microsoft's info card and the identity metasystem. I think the ideas contained in it are pretty sound as concepts and tally with a lot of the studies I was involved in with Barclaycard, who in can be seen as Europe's first and largest issuer of "identity tokens".
Barclaycard is Europe's largest credit card issuer and the UKs first being almost 40 years old. People with Barclaycards had an odd relationship with them. Often we were the first thing that empowered them to spend when they got their first job or gained financial independence, so we were tied up emotionally as a "right of passage". People kept the card even when they moved on to other cards because of what it represented to them (a time when they were young and free).
People trusted us to introduce things to them like mobile phones, but here is the rub, although we gave them mobile phones what they really liked was the fact that they could give the phone anonymously to family members (mainly daughters). If we tried marketing to them directly saying "here is a phone for your daughter" they saw that as us being unbelievably sinister "it is a plan to sell credit cards to kids" they would scream, but if they thought we did not know what they were doing they did it in their millions.
So this round about story is a way of saying you have to treat your customers as adults and empower them to do what they will: and you have to be aware of the emotional baggage that goes with "issuing identity". It might be a right of passage for them to get say a credit card, but they resent like hell you providing the same service to their kids. If the identity you issue is to be of worth, it has to have this emotional connection though - no one pays a premium for keys and locks but they will pay a premium for a "feeling of security".
Mobile Monday
Really interesting session at Momo. The overwhelming impression I got of the evening was the complexity of developing mobile applications caused by the fragmentation of implementations of operating systems.
From personal experience I know that even within handset models , manufacturers will change - say - the way the java virtual machine works. A certain manufacturer used to do it even within production runs of the same handset.
There are signs of a coming together and a standardisation. Sun is working hard on cutting down the sheer variety of options available under Java by grouping them together. Symbian is in a better position, in terms of non standardisation but is in fewer handsets.
As an example of the complexity of mobile: Nokia can still issue series 40 phones with a proprietory OS running MIDP1 and MIDP 2 JVMs and series 60 phones with Symbian operating system running a MIDP 2 JVM. Even without this kind of complexity you then get into screen size and keyboard variations. Meanwhile the gorgeous Motorola "Razr" looks lovely, but has the memory capacity of a goldfish which slows all applications down to a ridiculous degree when viewed from the perspective of an application developer.
In my opinion, it will take a standard application that the mobile handset manufacturers and operators regard as a "must have" and that ends up running on millions of machines to drive true stanardisation -left to themselves the handset manufacturers will not standardise themselves in a significantly meaningful way on a reasonable timescale.
The implication is that mass market adoption of converged services between PCs and mobiles will come from the PC and move to the mobiles. The further implication is that instead of the handset manufacturers playing game that is in their interests, their lack of standardisation could ultimately lead to their having standards imposed on them from the web.
