Dinesh Shah wrote:
Someone raised the public disclose of birthday stating that birthday/date is used for various verifications. But this is due to an assumption that birthday/date is a Private info. However, this info is already in public (you sure have friends with whom you share your birthday/date? :-) ). People give their birthday/date info on-line at many places. It is not really difficult to get some one's birthday/date.
Hi Dinesh, may I add some thoughts, that user information is not what the user is `willing' to disclose but what the user can be identified with in case of an identity verification. This identity and its attributes has to remain unchangable or indestructible over a lifetime. Unless he goes in for plastic surgery like the tv serials.
To gather other unique info like digital photo, finger print, retina/iris pattern, DNA will be very expensive. However, they can be collected as and when required.
More than expense, if we are to use an attribute of an identity for electronic verification, it has to be immediately verifiable. DNA?
We could otherwise classify it into 2 parts. One that is an electronically verifiable one and will be entered into the secure id card and the Other will be a medical record like DNA, that exists on a secure central server as an additional data for more detailed investigation. The first part would be used for day to day transactions and the second part for criminal or other background investigations.
I agree. How about every individual carrying a simple plastic card with basic info printed in human and machine readable format like either bar code or RFID?
This card will be very easy to manufacture and replace. The card can be manufactured in such a way to make it very difficult to make duplicates/fakes.
Thats where you will need the `Something I have' and `something I can prove' formula. If an ID card is stolen/duplicated, the thief still cannot authenticate himself as he is not `him'. The only way is to kidnap the card holder and make him authenticate, like some cases where the thieves forced their victims to come to the unmanned ATM and withdraw cash. So if we have the authenticating mechanism in a secure ( Govt.) location, then this possibility is also ruled out. Access to important public buildings like railways, airports and other offices can use this dual authentication where the card owner has to swipe his card to verify it is original and electronically prove he is the guy in the card. This can eliminate the possibility of staff members hand in glove with criminals. A fake id will have no record on the system.
Regards,
Rony.
____________________________________________________
Yahoo! Photos is now offering a quality print service from just 7p a photo. http://uk.photos.yahoo.com