Overview

"Proposed [identity theft] fixes tend to concentrate on the first issue--making personal data harder to steal--whereas the real problem is the second [preventing fraudulent transactions]. If we're ever going to manage the risks and effects of electronic impersonation [identity theft], we must concentrate on preventing and detecting fraudulent transactions."
Solving Identity Theft ~ Bruce Schneier ~

Digital credentials on NFC enabled smart phones will soon transform the world of identity management. Within three years there will be corporate and government deployments where all members of the organization are issued NFC enabled smart phones for the purpose of identity management. Within seven to ten years digital credentials will be ubiquitous among consumers.

The Trust Nexus is a startup company located in Austin, TX. We hold intellectual property rights that will enable us to build the infrastructure for secure identity in the digital age. Whoever controls the infrastructure for secure identity will also play a leading role in the emerging world of m-Commerce.

The basic question is, how can trust be established in the digital age? If you and I have never met and I come to your website or place of business, how can you be confident that I am who I say that I am? The Trust Nexus answers this basic question regarding the establishment of trust.

A key component of our infrastructure will be an easy to use digital wallet where credentials can be securely provisioned and transactions occur smoothly. This digital wallet will be the cornerstone of NFC technologies on mobile devices and provide the interface for identity, marketing and financial services. Every aspect of digital life that depends on identity and transactions will flow through the digital wallet.

The digital wallet on NFC enabled smart phones will be one of the most valuable assets in the digital age. The digital wallet and supporting infrastructure will be based on industry standards that will enable the mobile network operators (MNOs) to meter services that flow through their networks and participate in new marketing/advertising models.

The identity infrastructure we have designed will eliminate the possibility of identity theft for all participants, protect consumers and financial institutions from fraudulent transactions, greatly reduce cyber-crime and solve many of the systemic problems of the current Public Key Infrastructure system, especially the problems of certificate revocation lists (CRLs) and on-line status checking.

Our solution is simple, practical and transparent to the consumer. Consumer acceptance will be rapid and widespread. Our solution secures identity, protects individual privacy and prevents the establishment of monolithic government control. Under our system, the user is always in control of his/her credentials.

The essence of our approach is very different from the "Big Brother" approach recently announced by India. Rather than creating a centralized directory of private information, we will create a network of repositories containing a collection of institutional decisions which will establish an Institutional Web of Trust.

Institutional Web of Trust ~ Process Flow

Additional Process Flow Diagrams:
Effective Single Sign On ~ Process Flow
Cloud Services ~ Process Flow
Federation ~ Process Flow
Mobile Money Transfer ~ Process Flow
Mobile Money Pickup ~ Process Flow

The Institutional Web of Trust does not store private data. It stores institutional validations.

Compared to a decentralized web of trust, which creates a web of individuals with "the expectation that anyone receiving [a list of signatures] will trust at least one or two of the signatures", we will create a system where trusted institutions legitimize individual identity. Additionally, the Institutional Web of Trust established by The Trust Nexus will have controller processes that rely on self-registration for users and self-maintenance for institutions.

The self-registration for users will most likely be an automated process that will take place when a user activates a new cell phone. The self-maintenance by institutions will be regulated by the fact that institutions must provide valid public keys from a legitimate certificate authority. It will be in the self-interest of the institutions to maintain their public keys.

Digital wallets on NFC enabled smart phones will enable users to secure their private keys and control/present their digital credentials. Because a user's identity will be authenticated by the processes of The Trust Nexus (not a trust authority) there is no need for a trust authority to issue and vouch for public/private keys for individual users. It is only necessary that the public key be registered and the private key be secured. Users can self-issue their keys.

The Trust Nexus does not secure identity by "making personal data harder to steal". Rather, identity is secured by self-managing logical inconsistencies within the system, resolving identity conflicts and preventing fraudulent transactions.

As Bruce Schneier, author and security guru, pointed out, "Proposed [identity theft] fixes tend to concentrate on the first issue--making personal data harder to steal--whereas the real problem is the second [preventing fraudulent transactions]. If we're ever going to manage the risks and effects of electronic impersonation [identity theft], we must concentrate on preventing and detecting fraudulent transactions." [Solving Identity Theft]

In essence, there are a limited number of institutions worldwide (measured in thousands) that truly matter when it comes to legitimizing identity. Digital wallets on smart phones will enable the efficient association of unique public/private keys to a specific legal identity (legal name and legal address). If there is a non-unique association, an inconsistency arises in the system. If the association is unique and verified by one or more legitimate institutions, an individual's identity is secure (as long as the private key which he/she controls is secure).

In the process of adding a credential to a user's digital wallet, the provisioning institution (government agency, bank, university, etc.) will calculate a secure hash value (numerical representation) of the credential combined with information from the user's primary credential (legal identity). This hash value will be encrypted with the user's private key and then encrypted again with the provisioning institution's private key; this encrypted hash value will then be stored in The Trust Nexus Repository representing an institutional validation of the user's identity.

This dual encryption establishes that the credential was associated with the user during the provisioning process rather than simply asserting the association by a reference from the repository. There is no need to store any specific information (account number, balance, etc.) about the user's account. The user is in complete control of the information he/she presents and his/her privacy is maintained.

When a user presents a credential from his/her digital wallet, a transaction ID will be sent from the authenticating system to the user's digital wallet, be encrypted with the user's private key and sent back to the authenticating system. The user can be authenticated by decrypting the transaction ID with the user's public key from The Trust Nexus Repository. The credential can be authenticated by calculating the hash value of the credential and then decrypting the hash value stored in The Trust Nexus Repository with the institution's public key and the user's public key.

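The provisioning and presentation steps described above, as an added Python example that is not Trust Nexus code: the page's "encrypt with a private key" is modelled with textbook RSA so that both layers can be undone with the public keys exactly as described. The primes, key sizes, function names and sample credential are assumptions chosen for illustration.

```python
import hashlib
import secrets

# Constructed demo keys: textbook RSA over known Mersenne primes, illustration only.
# A real wallet would use a padded signature scheme (RSA-PSS, ECDSA) and far larger keys.
E = 65537

def make_key(p, q):
    """Return (modulus, private exponent) for public exponent E."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

USER_N, USER_D = make_key(2**61 - 1, 2**89 - 1)      # user key, kept in the wallet
INST_N, INST_D = make_key(2**107 - 1, 2**127 - 1)    # provisioning institution key

def credential_hash(credential: bytes, primary: bytes) -> int:
    """Hash the credential together with the primary credential (legal identity)."""
    framed = len(credential).to_bytes(4, "big") + credential + primary
    return int.from_bytes(hashlib.sha256(framed).digest(), "big") % USER_N

def provision(credential: bytes, primary: bytes) -> int:
    """User private-key operation, then institution private-key operation."""
    inner = pow(credential_hash(credential, primary), USER_D, USER_N)
    return pow(inner, INST_D, INST_N)   # the value stored in the repository

def verify_credential(credential: bytes, primary: bytes, stored: int) -> bool:
    """Strip both layers with the public keys and compare to a fresh hash."""
    inner = pow(stored, E, INST_N)
    return inner < USER_N and pow(inner, E, USER_N) == credential_hash(credential, primary)

def new_transaction_id() -> int:
    """Fresh random challenge per presentation, so a captured response cannot be replayed."""
    return secrets.randbelow(USER_N - 2) + 2

def wallet_respond(txn_id: int) -> int:
    """Wallet side: private-key operation over the transaction ID."""
    return pow(txn_id, USER_D, USER_N)

def verify_user(txn_id: int, response: int) -> bool:
    """Authenticating system: recover the transaction ID with the user's public key."""
    return pow(response, E, USER_N) == txn_id

if __name__ == "__main__":
    card, identity = b"debit-card:constructed-0001", b"Jane Doe|1 Example St"  # constructed
    stored = provision(card, identity)
    txn = new_transaction_id()
    print(verify_credential(card, identity, stored), verify_user(txn, wallet_respond(txn)))
    print(verify_credential(b"debit-card:altered", identity, stored))
```

The repository entry alone reveals nothing to check against; the verifier needs the presented credential and the identity fields to recompute the hash, which matches the page's point that no account data is stored centrally.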
In a variation of this process the provisioning institution does not store the encrypted hash value in The Trust Nexus Repository; rather, the provisioning institution itself maintains a repository and a reference to the repository is authenticated by an entry contained within The Trust Nexus Repository (through the institution's primary credential). In this way an institution could federate the identity of its users (or a subset of its users) simply by adding (or modifying) a credential to each of its users' digital wallets and creating an institutional reference within The Trust Nexus Repository.

As part of the federation process, cooperating institutions will most likely create authorization levels for various services and provision these levels as part of a user's credential. For example, a coalition of universities may have authorization levels for library services that will enable users to access any library within the coalition; government organizations may provision security levels within a user's credential that enable inter-agency access to resources; etc. Because authorization levels are stored in a user's credential, there is no need in the authentication process to access another institution's data stores (i.e., there is no need to exchange authentication and authorization data between security domains).

Members of the federation (e.g., a group of universities) would appoint a "federation manager" who would maintain a list of members within The Trust Nexus Repository and define authorization levels for various services.

This simplified federation process is far more efficient than the traditional use case based on SAML. Under The Trust Nexus there is no need for complex transactions between identity services.

It will be possible to store biometric data within a user's credential (not within a central repository) when the credential is created by the provisioning institution. When a user presents the credential, verifying the biometric data in the credential against the individual in real time will provide enhanced security along with verifying the encrypted transaction code against the user's public key and verifying the encrypted hash code of the credential against The Trust Nexus Repository.

While there are many types of biometric identifiers, one of the simplest and most usable is a photograph of the human face verified by a human being. Any credential in a user's digital wallet that includes a photograph (driver's license, passport, bank debit card, etc.) will be highly reliable when a user presents the credential in person.

Why would a major institution (bank, university, corporation, government agency, etc.) utilize The Trust Nexus Repository instead of its own internal system? When there is no need for an external third party to rely on a user's credential an institution may very well utilize its own internal repository. In this same case, smaller institutions, for reasons of convenience and cost, will likely utilize the services of The Trust Nexus Repository.

Whenever a third party (a party other than the provisioning institution) must rely on a user's credential, the key services The Trust Nexus Repository provides are assurance that the user is unique and trustworthy, assurance that the provisioning institution is unique and trustworthy and assurance that the credential is trustworthy. Also, The Trust Nexus Repository creates a "data synergy effect" which establishes an Institutional Web of Trust (when multiple institutions validate a unique user's identity the identity becomes more secure and more trustworthy).

If a unique user has digital credentials for a state driver's license, a passport, a bank debit card, a university ID, insurance cards, credit cards, etc., all independently validated by trustworthy institutions, that user's identity is highly secure and highly trustworthy. Similar to credit ratings, both individuals and institutions will have "trust ratings" within The Trust Nexus Repository. A centralized notification service will also be provided when credentials are lost or stolen.

The uniqueness test for legal identities within The Trust Nexus Repository helps to secure identity and prevent identity theft. If there is a non-unique association, an inconsistency arises in the system. Also, easy access for online status checking establishes the currency of a user's credentials in case the user's digital wallet is lost or stolen. And most importantly, The Trust Nexus creates a "data synergy effect" which establishes an Institutional Web of Trust.

Additionally, our system provides the "Holy Grail" for single sign on. All computers will soon have an interface (USB plugin or internal card) that will enable NFC interactions with mobile devices. The digital wallet on a user's cell phone will be provisioned with credentials containing specified authorizations for different systems and services. Rather than logging into a directory or utilizing a complex federated identity process, a user will log onto his/her cell phone with a PIN and a voice authentication signature. The user (or the authenticating system) will then select the appropriate credential for the specified system or service with no need to enter another user name or password (the user's private key will be used to encrypt a transaction ID). This approach also solves the "Keys to the Kingdom" problem where a single sign on to a directory service opens access to all the user's systems and services.

Additionally, our system will enable a process of mutual authentication that will prevent phishing scams. The user's credential and the institution's credential could both contain a list of valid URLs which could be matched during the sign on process.

We are confident we have a transforming technology and a clear vision of the future. No one has found a conceptual flaw in the system. Existing providers of identity management services should not see The Trust Nexus as a competitor; rather, they should see us as an infrastructure provider (similar to the electric power grid that has hundreds of energy providers).