Identity in the 21st Century.

This is a write up of some talks I recently gave at a Yoti Jellyfish Meetup, and latterly at Wired Security 2016.

Identity is a peculiar thing, and one that has shifted it’s locus of value with the advances of technology, to where, I contend, today it is the most valuable thing we own, and how important it is to ensure we protect it.

Let’s start with trust.

Way back when, before we travelled great distances easily and quickly, a family name, or a shared acquaintance was enough to have “trust”. This meant you could be fairly hopeful that you could discern friend from foe.

Trust wasn’t always enough, so we invented secret phrases that only “one of us” would know, this enabled the drawbridge to be opened securely. This had several flaws, but functioned for a time well enough.

Fast forward a while and someone up on high wanted some sort of “proof of identity” so that we could all be sure of what was what.

Obviously with the creation of said documents came, inevitably, forgery.

With the advent of international travel, international diplomatic incidents, foreign policy, immigration etc, etc, these documents were increasingly designed to be ever hard to forge. Sadly, fancy ink and paper, just no longer cuts the mustard in a world of photographic replication.

So, we danced around with holograms and silver strips woven into the paper and each iteration lasted a while until someone figured it out.

It’s only today using fingerprints,retina scanners and end to end cryptography can we be guaranteed “trust”, can we feel truly secure that X is who they say they are, and or that our transactions are secure. Sadly, this is still cost prohibitive to all but the very richest.

Those of you familiar with security will recognise that the phrase at the drawbridge is a password, and is what we call Knowledge Identity — In essence i know what the password is, i ask you, you give me the right answer and so, I believe you and open the door/complete the transaction.

The next is the Token Identity, a physical, ideally unique “thing” that you can present to me and it contains all sorts of design complexity which assures me that it’s genuine and proof of right to travel, identity etc.

And the last is Biometric.

However, these days, most of the security we use online is the first type, Knowledge, it’s often woefully insecure. How many of use the same password, or sight variations of it, how many of us have close friends who probably know those? I say this not to frighten you, but only to make you recognise the insecurity of it all.

The internet is a fantastic invention, and with it came the smartphone, perhaps the most intimate of all computers to date. It is so deeply personally to us, yours no doubt contains — as does mine — unflattering or even naked pictures or videos ( hey! Don’t judge me! I had a lump, I couldn’t see it well! ) no doubt our bank cards, our emails, our facebooks, in short, these days most of us are carrying around access to more value in one hand than at any time ever before.

And yet, despite all this power and ease, how secure are our communications? What really happens when we hand over our Mothers maiden name? Do we even know if the wifi is really secure? Do we know if this data is encrypted or not?

It seems almost every week there is another acknowledgement of a data breach, another million or so email accounts, sometimes with a password clearly readable, attached. The list of men and women actively pursuing an affair, credit card details for sale on the dark web, the list of threats to our identity seems never ending in it’s creative deviousness.

It’s why I am proud to support Yoti in their mission to bring identity up to date, on to our phones and to ensure that the documents that are so vital and valuable to our lives can stay where they belong, somewhere safe.

Every weekend hundreds of thousands of 18–25 year old’s head out to enjoy their youth, many are carrying their driving license, their passports, all just to prove their age!

The value of these documents is immense, once found, a few hours on google and you’d have all the relevant information you’d need to begin to assume that identity and from their, the world’s your oyster; credit cards, loans, mortgage, internet accounts, emails — the list goes on.

Imagine you could prove your identity with your phone, imagine you could request proof of age, identity, address all through your phone? Well, the wait is almost over. We can’t wait to show you what we’ve built.

Benjamin Southworth, Developer Evangelist, Yoti.