Jamie Lewis linked to the 2005 Identity Fraud Survey Report which concludes that the risk of identity theft is greater in the physical world than in the virtual. This report has been picked up broadly in the mainstream press (USA Today, AP, Chicago Sun-Times) and I read the story as as a prominent data point for those concerned with digital identity.
Anyone who has recently re-financed a mortgage on paper or responded to a snail mailed credit card soliticitaion has felt the twinge of recognition of the real risks to your identity that are very present in the physical world. The moment you print your SSN, home address, mother's maiden name, etc. on a piece of paper, seal the paper in an envelope, and send it through the mail you have fed your identity assets into a system that provides little assurance, no visibility, no audit - while at the same time , it is a system that is vulnerable to the least sophisticated form of attacks - simple theft.
The evolution of digital identity systems will give people a choice. People will have to decide what is riskier: sending a piece of snail mail containing a paper record of your identity or transmitting a digitally signed assertion (XML document) over an encrypted channel between highly trusted information systems. Both methods of moving identity information involve risk, the question is which is more secure. I fundamentally believe the digital system is/will be more secure and this is why I advocate positioning the evolution of digital identity systems as a reform movement.
Comments