Thursday, January 19, 2006

Taking the "I" out of identity

Sean McGrath in IT World thinks we need to be taking the "I" out of identity on the Net.
Electronic identity is subtle at best, certainly insanely complicated and possibly even intractable.'

As is often the case with seemingly intractable problems, revisiting basic assumptions is always a worthwhile exercise. The big assumption here is that to do business electronically with someone, you need to know who they are. Is that really true?

Sometimes it most definitely is true of course but there are a significant number of use cases where it is not true. Sometimes lurking behind the phrase 'we need to know who they are' lies the real substance of the concern which is 'we need to know they can pay' or, more generically 'we need to know that the person/thing we are interacting with can conduct a value exchange.'

The cracking noise you can hear in the background is the rending of two concepts that tend to be bound together. The concept of identity on one hand and the separate concept of 'ability to conduct value exchange' on the other. People turn up with cash. They can clearly pay. People turn up with checkbooks. They can clearly pay. People turn up with credit cards, they can clearly pay...
SO an identity architecture on the Net, to facilitate commercial and government service provision, need not be the a privacy invading architecture. It's counter-intuitive and hard for people to get their heads round, even when they can be encouraged to think about it.

No comments: