| Overview |
 |
 |
 |
 |
"Proposed [identity theft]
fixes tend to concentrate on the first issue--making personal data
harder to steal--whereas the real problem is the second [preventing
fraudulent transactions]. If we're ever going to manage the risks and
effects of electronic impersonation [identity theft], we
must concentrate on preventing and detecting fraudulent transactions." |
Solving
Identity Theft ~ Bruce Schneier ~ |
|
 |
 |
 |
| Secure
digital credentials on NFC enabled mobile devices will
soon transform the world: |
 |
- Identity theft
will be eliminated.
- Fraudulent
financial transactions will be eliminated.
- Funds will be
easily transferable between mobile device users.
- Networks will
be secure.
- Single
sign-on
for users will be easily implemented.
- Identity
federation between organizations will be easily implemented.
- Cybercrime and cyberwar will be
eliminated.
- New
marketing/advertising models will enhance retail commerce.
- Medical records
will be secure and transportable.
- m-Commerce and
m-Banking will uplift the third world.
- Online voting
will be a reality.
- Privacy will be
protected.
|
 |
| Within
two years there will be corporate and government
deployments where
all members of the organization will utilize NFC enabled mobile devices
for the purpose of identity management. These deployments
will drive consumer acceptance.
|
 |
| Within
three to five years secure digital credentials on mobile devices will
be ubiquitous among
consumers (the adoption curve for digital credentials will be about the
same as for high definition television).
|
 |
 |
 |
| The Trust Nexus
is a technology startup company located in Austin, TX. We are
building the
infrastructure for secure identity in the digital age. |
 |
| The
basic question is, how can trust be established in the digital
age? If you and I have never met and I come to your website
or place of business, how can you be confident that I am who I say that
I am? The
Trust Nexus answers this basic question regarding the establishment of
trust. |
 |
| Our
solution is simple, practical and transparent to the consumer. Consumer
acceptance will be rapid and widespread. Our solution secures identity,
protects
individual privacy and prevents the
establishment of monolithic government control. Under our
system, the user is always in control of his/her credentials. |
 |
| Beyond
legal name and legal address, a user's private data is never stored in
our system. Even if an
espionage team assaults one of the data centers, there will never be a
liability for a massive theft of user data. |
 |
| The
essence of our approach is very different from the "Big Brother"
approach recently announced by India or
being proposed in the United States. Rather
than creating a centralized directory of private information, we will
create a network of repositories containing a collection of
institutional decisions which will establish an Institutional
Web of Trust. |
 |
| If
you review our process flow diagram you will see the simplicity and
elegance of our solution: |
 |
 |
 |
|
Institutional Web
of Trust ~ Process Flow
|
 |
|
|
 |
 |
 |
Additional Process Flow Diagrams:
- Effective Single Sign On ~ Process Flow
- Cloud Services ~ Process Flow
- Federation ~ Process Flow
- Mobile Money Transfer ~ Process Flow
- Mobile Money Pickup ~ Process Flow |
 |
 |
 |
| The Institutional Web of Trust does
not store private data. It stores institutional validations (in
the form of dual encrypted hash codes of digital credentials). |
 |
| Compared
to a decentralized web of trust which
creates a web of individuals with, "the expectation that anyone
receiving [a list of signatures] will trust at least one or two of the
signatures", we will create a system where trusted
institutions legitimize individual identity. |
 |
| In
essence, there are a limited number of institutions
worldwide (measured in
thousands) that truly matter when it comes to legitimizing
identity. Digital wallets on mobile devices will enable the
efficient association of unique
public/private keys to a specific individual's legal
identity (legal name and legal address). If there
is a
non-unique association, an inconsistency arises in the
system. If the association is unique and
verified by multiple
legitimate institutions, an individual's identity is secure (as
long as the private key on his/her mobile device is
secure). |
 |
| Under
our system, even
if an identity thief can obtain all the information about a user's
debit card (all the visible information on the card, the encoded
information on the magnetic strip and the PIN), if that debit card
becomes a digital credential with a hash value that is dual encrypted
by the user's private key and the bank's private key, and this
encrypted hash value is verified within one of The
Trust Nexus
Repositories, the stolen
information is useless because it cannot be used in fraudulent
transactions. |
 |
| Currently,
the weak link in this system
is the possibility that a user's mobile device is lost or
stolen.
If the mobile device is secured by a PIN or voice ID, the data still
may
be accessible under current technology. This is a solvable
problem which we will leave to the manufacturers of mobile devices (the
Trusted Platform Module (TPM) has
generally solved these problems on the desktop). |
 |
| Even
without some type of cryptographic
key destruction system, the fact that an identity thief would need to
steal and hack into a physical device is a vast improvement over
current technology. |
 |
 |
 |
| If
a practical worldwide system is to be created, in addition to not
storing private data, we must go beyond the
traditional PKI process of having a
Certificate Authority issue and manage public/private keys for users;
such a system
is simply unworkable on a multi-billion user scale. |
 |
The
Institutional Web
of Trust provides five key advantages over a traditional
PKI system:
- Self-registration
and self-maintenance for both users and institutions.
- A
"Uniqueness Factor"
for both users and institutions.
- A
"Validation Type"
for institutional validations.
- An
"Trust Rating"
based on the "weight" of institutional validations.
- Complete
protection of user privacy.
|
 |
| Removing
the need for a Trust Authority to verify billions of individual
identities and manage billions of public/private keys makes a worldwide
system practical. |
 |
 |
 |
| The
Trust Nexus
Repositories will be the default data store for legal
identities, public keys and institutional validations (encrypted hash
values of credentials). The repositories will be trusted not
because of some arbitrary dictate or assertion; rather, the
repositories
will be trusted because of the policies implemented. |
 |
| The Trust Nexus
does not secure identity by, "making personal data harder to steal".
Rather, identity is secured by self-managing logical
inconsistencies within the system, resolving identity conflicts and
preventing fraudulent transactions. |
 |
| As
Bruce Schneier, author and
security guru, pointed out, "Proposed [identity theft] fixes tend to
concentrate on the first issue--making personal data harder to
steal--whereas the real problem is the second [preventing fraudulent
transactions]. If we're ever going to manage the risks and effects of
electronic impersonation [identity theft], we must
concentrate on preventing and detecting fraudulent transactions."
[Solving Identity Theft] |
 |
 |
 |
| The
self-registration for users will be an automated process
that will take place when a user activates a new mobile
device.
The self-maintenance by institutions will be regulated by the fact that
institutions must provide valid public keys from a legitimate
certificate authority. It will be in the self interest of the
institutions to maintain their information and public keys. |
 |
| In
the process of adding a credential to a user's digital wallet, the
provisioning institution (government agency, bank, university, etc.)
will calculate a secure hash value (numerical representation) of the
credential combined with information from the user's primary
credential (legal identity). This hash value will be
encrypted with the user's private key and then encrypted again with the
provisioning institution's private key; this encrypted hash value will
then be stored in The
Trust Nexus
Repository representing an institutional
validation of the user's identity. |
 |
| This
dual encryption establishes that the credential was associated with the
user during the provisioning process rather than simply asserting the
association by a reference from the repository. There is no
need to store any specific information (account number, balance, etc.)
about the user's account. The user is in complete control of the
information he/she presents and his/her privacy is maintained. |
 |
| When
a user presents a credential from his/her digital wallet a transaction
ID will be sent from the authenticating system to the user's digital
wallet, be encrypted with the user's private key and sent back to the
authenticating system. The user can be authenticated by decrypting the
transaction ID with the user's public key from The
Trust Nexus Repository. The credential can be authenticated by
calculating the hash value of the credential and then decrypting the
hash value stored in The Trust Nexus
Repository with the institution's public key and the user's
public key. |
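
The provisioning and presentation flow described above, as an added example (not code from The Trust Nexus): "encrypting with a private key" is modeled as the textbook RSA private-key operation with no padding. The toy key sizes, function names and sample credential are assumptions made for illustration.

```python
import hashlib

E = 65537  # public exponent shared by all toy keys (assumption)

def keypair(p: int, q: int):
    """Textbook RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

# Constructed toy keys built from Mersenne primes; not real key material.
USER_N, USER_D = keypair(2**61 - 1, 2**89 - 1)      # key held in the wallet
INST_N, INST_D = keypair(2**107 - 1, 2**127 - 1)    # provisioning institution
THIEF_N, THIEF_D = keypair(2**31 - 1, 2**19 - 1)    # someone without the wallet

def digest(data: bytes) -> int:
    """SHA-256 of data, reduced so it fits under the user's modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % USER_N

def provision(credential: bytes, legal_identity: bytes) -> int:
    """Hash credential + primary credential, then apply both private keys."""
    h = digest(credential + b"|" + legal_identity)
    inner = pow(h, USER_D, USER_N)       # user's private key (in the wallet)
    return pow(inner, INST_D, INST_N)    # institution's key; repository stores this

def verify_credential(credential: bytes, legal_identity: bytes, stored: int) -> bool:
    """Undo both layers with the two public keys and compare hash values."""
    inner = pow(stored, E, INST_N)
    if inner >= USER_N:                  # cannot be a value the user's key produced
        return False
    return pow(inner, E, USER_N) == digest(credential + b"|" + legal_identity)

def respond(txn_id: bytes, n: int, d: int) -> int:
    """Wallet side: apply a private key to the transaction ID."""
    return pow(digest(txn_id) % n, d, n)

def verify_user(txn_id: bytes, response: int) -> bool:
    """Authenticating system: check the response with the user's public key."""
    return pow(response, E, USER_N) == digest(txn_id)

if __name__ == "__main__":
    card, ident = b"debit-card-0001", b"Jane Example|1 Example St"  # constructed
    stored = provision(card, ident)
    print(verify_credential(card, ident, stored))                   # genuine credential
    print(verify_credential(b"debit-card-0002", ident, stored))     # altered credential
    print(verify_user(b"txn-42", respond(b"txn-42", USER_N, USER_D)))
    print(verify_user(b"txn-43", respond(b"txn-42", USER_N, USER_D)))    # replayed response
    print(verify_user(b"txn-42", respond(b"txn-42", THIEF_N, THIEF_D)))  # wrong key
```

The repository entry holds only the doubly transformed hash value, so the checks succeed only for the exact credential and identity that were provisioned and for a response produced by the wallet's key over the current transaction ID.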
 |
 |
 |
| It
will be possible to store biometric data within a
user's credential (not within a central repository) when
the credential is created by the provisioning institution.
When a user presents the credential, verifying the biometric data in
the credential against the individual in real time will provide
enhanced security along with verifying the encrypted
transaction code against the user's public key and verifying the
encrypted hash code of the credential against The
Trust Nexus Repository. |
 |
| While
there are many types of biometric identifiers, one of the simplest and
most usable is a photograph of the human face verified by a human
being. Any credential in a user's digital wallet that
includes a photograph (driver's license, passport, bank debit card,
etc.) will be highly reliable when a user presents the credential in
person. |
 |
| Digital
fingerprint identification and voice authentication have become
increasingly reliable and either would
provide an additional layer of security when necessary. |
 |
| Whatever
type of biometric factor is used, the fact that the biometric (and all
other) information is stored in a user's digital wallet on his/her
mobile device and not stored in a central repository means there cannot
be a
massive theft of identity information. |
 |
 |
 |
| The
processes of securing consumer identity through an Institutional
Web
of Trust will be transferable to corporations, government
agencies and other organizations. |
 |
| Secure
digital credentials on NFC enabled mobile devices represent a
"Disruptive
Technology" that will significantly impact every aspect of identity
management. |
 |
| The
term "Disruptive
Technology" comes from Clayton Christensen's
classic treatise, The Innovator's Dilemma.
The fatal flaw in corporate strategy is to allocate resources
exclusively based on current markets and customer demand for
improvements in "sustaining technologies" while ignoring innovation in
"disruptive technologies". |
 |
| "Disruptive
technologies typically
offer a cheaper solution to a small, often unidentified subgroup. Once
established within this small market the disruptive technology evolves
through sustaining technology until it eventually satisfies the
performance criteria of more traditional markets. When this happens,
the disruptive technology bursts onto the scene, attacking the soft
underbelly of the established corporations, often with fatalistic
consequences. In the parlance of evolutionary biology, disruptive
technology is like punctuated evolution; fast with significant changes
in the gene pool." (ref) |
 |
 |
 |
| Why
would a major institution (bank, university, corporation, government
agency, etc.) utilize The Trust Nexus
Repository instead of its own internal system? When
there is no need for an external third party to rely on a user's
credential an institution may very well utilize its own internal
repository. In this same case, smaller institutions, for
reasons of convenience and cost, will likely utilize the services of The
Trust Nexus Repository. |
 |
| Whenever
a third party (a party other than the provisioning institution) must
rely on a user's credential, the key services The
Trust Nexus Repository provides are assurance that the user is unique and
trustworthy, assurance that the provisioning institution is unique and
trustworthy and assurance that the credential is trustworthy.
Also, The Trust Nexus Repository creates a "data
synergy effect" which establishes an Institutional
Web of Trust (when multiple institutions validate a unique
user's identity the identity becomes more secure and more trustworthy). |
 |
| If
a unique user has digital credentials for a state driver's license, a
passport, a bank debit card, a university ID, insurance cards, credit
cards, etc., all independently validated by trustworthy institutions,
that user's identity is highly secure and highly trustworthy.
Similar to credit ratings, both individuals and institutions
will have "trust ratings" within The
Trust Nexus Repository. A centralized notification service will
also be provided when credentials are lost or stolen. |
 |
| Easy
access for online status
checking establishes the currency of a user's credentials in case the
user's digital wallet is lost or stolen. |
 |
 |
 |
| The
Trust Nexus provides the
"Holy Grail" for single sign on. All
computers will soon have an interface (USB plugin or internal card)
that will enable NFC interactions with mobile devices. The digital
wallet on a user's mobile device will be provisioned with credentials
containing specified authorizations for different systems and services.
Rather than logging into a directory or utilizing a complex federated
identity process, a user will log onto his/her mobile device with a PIN
and possibly a voice authentication signature. The user (or the
authenticating
system) will then select the appropriate credential for the specified
system or service with no need to enter another user name or password
(the user's private key will be used to encrypt a transaction ID). This
approach also solves the "Keys to the Kingdom" problem
where a single sign on to a directory service opens access to all the
user's systems and services. |
 |
| The
Trust Nexus provides a simplified approach to identity federation. For
example, a coalition of universities may have authorization levels for
library services that will enable users to access any library within
the coalition; government organizations may provision security levels
within a user's credential that enable inter-agency access to
resources; etc. Because authorization levels are stored in a
user's credential, there is no need in the authentication process to
access another institution's data stores (i.e., there is no need to
exchange authentication and authorization data between security
domains). |
 |
| This simplified federation process is far more efficient than the traditional use case based on SAML. Under The
Trust Nexus there is no need for complex transactions between identity services. |
 |
| Additionally,
our system will enable a process of mutual authentication
that will prevent phishing scams. The
user's credential and the institution's credential could both contain a
list of valid URLs which could be matched during the sign on process. |
 |
 |
 |
| We
are confident we have a transforming technology and a clear vision of
the future. No one has found a conceptual flaw
in the system. Existing providers of identity
management services should not see The
Trust Nexus as a competitor; rather, they should see us as an
infrastructure provider (similar to the electric power grid that has
hundreds of energy providers). |
 |
 |