Dematerialised ID — Dematerialisation

Anonymity/identity

Capture

Dematerialisation

Campaign

Newcomers and returning visitors, please note that you are welcome to talk to the hermit using this new invention, email.

Dematerialised ID

The voluntary alternative

to material ID cards

A Proposal by David Moss

of Business Consultancy Services Ltd (BCSL)

Section 7

eCommerce may or may not be capable of expanding the economy but if the government introduce ID cards, we may never find out. Dematerialised ID, with its use of mobile phones and digital certificates/PKI, would at least give expansion a chance – it uses the right technology.

It is not just individuals who suffer from ID theft. So do organisations. It is not just individuals who are involved in money-laundering. So are banks and other organisations. A serious attempt to reduce ID theft and money-laundering would bring organisations into the same infrastructure as individuals. Dematerialised ID could achieve that. The government's ID cards scheme could not – they've got the scope wrong, as well as the technology.

Dematerialisation
Digital certificates are not material. That is what gives dematerialised ID its name. Dematerialised ID is all about issuing digital certificates instead of material ones or, at least, in addition to material ones.

There is a successful precedent. Compare dematerialisation in the UK securities industry. We no longer have material share certificates, in the main. We still manage to invest in shares.

A conventional birth certificate, for example, is material. You could be issued with a digital certificate in addition to the material one, a dematerialised equivalent. Another example, the conventional credit card you carry around is material. You could just as well carry it around as a digital certificate stored on your mobile phone.

In general, under dematerialised ID, any supplier, who currently issues any material voucher, which entitles the bearer, to any benefit, could, instead, issue a digital certificate, to be stored on the bearer's mobile phone.

Note:

That is the principle for any supplier, whether the supplier be in the public sector, the private sector or the voluntary sector, whether the supplier be an organisation or an individual.
The government is just one supplier among many.
Under dematerialised ID, there are no ID cards for the government to create, distribute and manage. And while the chosen biometrics remain unreliable, there is no need for the government to collect everyone's biometrics. There is, therefore, no need for them to create a National Identity Register (NIR). The government's rôle is, therefore, reduced. That is no loss to them or us. Creating ID cards and the NIR to record our biometrics would be a waste of time and money.
The words "voucher" and "certificate" are used interchangeably.
There are some certificates, like birth certificates, where we would probably want to retain the material version, and others where we might be quite happy to have only the dematerialised version.
The benefit of digital certificates is that they can be used in transactions where it is important to prove authenticity quickly.
Digital certificates can be stored on mobile phones or on any other digital media, like CDs or USB sticks, in the office, at home or at a trusted third party custodian.
Dematerialised ID is conservative. So far in the proposal, "dematerialised ID" has simply been used as a name for what happens anyway. People already have mobile phones and carry them around everywhere they go. People are already located by their mobile phone and their associates are already identified by mobile phone records. Issuing digital certificates to people's mobile phones to replace or supplement material certificates is the first instance in the proposal of anything new being suggested.

... could result in many of us having hundreds of digital certificates instead of our present material vouchers
Dematerialised ID would have the effect of providing each subscribing member of the public with a collection of digital certificates from several sources, each one vouching for some entitlement or affirming some attainment.

You might have one digital certificate issued by the Department for Work and Pensions vouching for your right to work, for example, another one issued by your union showing that you are a member, a third issued by the Department of Health certifying your right to treatment under the National Health Service (NHS) and a fourth issued by your bank confirming your current account number and allowing you to write digital cheques.

By the time you have added your passport and your driving licence to the list, your credit cards, your travel cards, your store cards and your loyalty cards, your membership of the Automobile Association, your membership of various sports clubs, your degree certificate and your professional qualifications, your entry pass to get into the office, the key to your car and your front door, and the tickets for tonight's concert at the Albert Hall, that is a lot of digital certificates and a lot of software applications running on your mobile phone.

... far too much for smart cards to cope with
They will require a lot of storage space. There is very little memory on smart cards and the number of applications that can run on them is limited. Smart cards will inhibit the growth of eCommerce.

There is plenty of memory on mobile phones and mobile phones are computers – there is no limit to the number of applications that can run on them. Mobile phones could support the expansion of eCommerce.

This may be what lies behind the IDABC unit's rueful comment:

"Although smart cards were the main focus, it was also recognised that other non-card based solutions for carrying out qualified eServices are being developed. Work on mobile device technology is particularly important, as this medium potentially offers cost, security and functionality benefits over smart cards."

It can be cheaper to produce digital certificates than material ones
The Home Office's July 2002 budget includes £2.007bn for 67.5m sophisticated* smart cards (para.5.46 & Annex 5, para.32). It follows that the cards cost £29.73 each.

* "Sophisticated", incidentally, is undefined by the Home Office.

This is the production cost alone. It does not include the cost of making checks on people's personal details. That is covered by other elements of the budget. It does not include the cost of registering or checking biometrics or the cost of card distribution.

With these volumes, the comparable cost for producing a digital certificate alone, no smart card required, is estimated by BCSL to be less than 1p, i.e. that component of dematerialised ID would be around 2,973 times cheaper than the government scheme. Digital certificates are cheaper in this case than material ones.

... and digital certificates have many other potential advantages
Compared with material certificates, it is quick and cheap to produce digital certificates, quick and cheap to distribute them, easy to revoke them and, thanks to PKI, quick to authenticate all parties to a transaction.

That makes it feasible to introduce the wide variety of certificates needed to reflect the sophisticated requirements of our lives. Distributing digital certificates, amending them and revoking them, can all be done simply by making phone calls. There is no need to incur the delay and cost of using the post or courier services.

And thanks to the mobile phone network, these certificates can be remotely and continuously monitored and managed.

It feels uncomfortable at first to hold only a digital certificate. It takes time for confidence to develop. But we know that it can develop. We have no doubt now that a piece of paper signed by the Chief Cashier of the Bank of England can be exchanged for £20-worth of goods or services. There must have been doubts when paper money was first introduced but, since then, confidence has grown and it would do the same with digital certificates.

The principle of dematerialisation can be applied widely.

… take, for example, visas
Suppose that visas were issued in future in the form of digital certificates and stored on each visitor's mobile phone. The mobile phone could monitor the visa locally and warn the visitor when it was running out, just as mobile phones already warn you when the battery is running out. Equally, UKvisas, the organisation which administers visas, could send text and/or voice messages to the mobile phone, in the language selected by the visitor, warning him or her that the visa was running out.

… UK tax on overseas income
Some individuals are exempt from paying tax on their overseas income as long as they spend no more than 90 days per year in the UK. Dematerialised ID would allow HM Revenue & Customs to count the days spent in the country by reference to the presence of that individual's phone on any of the UK's mobile phone networks. It may be objected that the individual might simply leave his phone abroad in order to evade the count. But if the phone also stored his entry permit then he couldn't get into the country in the first place.

... academic qualifications, tickets to the FA Cup Final and other events, and credit cards
There is an active market in forged academic qualifications, for example, in touted FA Cup Final tickets and tickets to pop concerts and to the theatre. Replace the material exam certificates, and the material football match and concert and theatre tickets, and the material credit cards used to pay for them, with digital certificates, and PKI can be used to promote authenticity.

… cheques and the clearing system
Another example, cheques need to be signed. There is a digital signature facility in PKI. Again, this is nothing new. There is already a body of law in most countries covering digital signatures in general and the question whether they are irrevocable in particular. Replace cheques with digital certificates which can be digitally signed, and another source of fraud is reduced. The clearing system could be speeded up at the same time.

... banknotes
The Bank of England could issue digital certificates instead of material notes, thus reducing the incidence of counterfeit money.

… GP prescriptions
A further example, Finland are considering the feasibility of prescriptions being digitally signed by GPs.

… and credit card fraud
Final example, credit card fraud has been reduced by the introduction in the UK of chip and pin cards, but only for transactions where the customer is present and only when the transaction takes place in the UK. The credit card companies already use PKI to authenticate their merchants' credit card terminals. The weak link is the one between the customer and the terminal. If material credit cards were replaced with digital certificates, then even customer-not-present credit card fraud could be reduced. How? Answer:

When the customer is present during a credit card transaction, his mobile phone can connect to the merchant's credit card terminal using a free Bluetooth or infra-red or RFID short-range link. PKI will authenticate the transaction from end to end, from the digital certificate credit card on the customer's mobile to the merchant's terminal to the credit card company's mainframe.
When the customer is not present, the only difference is the link – the customer will be connected by the mobile phone network, by a dialled connection, instead of a short-range link. Nothing else is different. The same high level of authentication can therefore be provided whether the customer is present or not.
The customer's private key must be issued under secure conditions, preferably involving a Faraday cage, as noted above. Thereafter, the strength of PKI allows the customer safely to use public networks such as the mobile phone network. PKI is the general solution to the customer-not-present problem.

Again, Finland are already conducting a feasibility study, in this case with Visa.

Where does the Home Office's sometimes voiced notion come from that their scheme places the UK in the vanguard?

Dematerialised ID could expand the economy
With authenticity promoted by PKI, there should be less fraud, there should be less provision in company accounts for fraud and there should be less money spent on insurance against fraud. What with that and the reduced cost of producing vouchers, including ID cards, dematerialised ID could help to reduce the costs of doing business and so expand the economy.

... it could have attractive benefits and not be just an imposition
This again distinguishes it from the government's ID cards scheme, which contributes nothing to eCommerce. Dematerialised ID provides incentives for people to enrol. There are benefits on offer to everyone, unlike the government scheme, which is simply penal.

... and it could give the government an important rôle
The credit card companies are not stupid. They know that PKI could reduce the incidence of credit card fraud. They have tried in the past and failed to extend PKI to the credit cards themselves, to close the authentication gap between the card and the merchant's terminal.

The problem was that the PKI software would have had to be issued by the banks. And the banks, quite rightly, did not see it as their job to act as software distribution and support businesses. A combined effort between the government, the banks and the mobile phone companies might succeed in delivering the benefits of mass, consumer PKI.

Digital certificates could be issued to organisations as well as to individuals
Digital certificates could be issued to companies* by Companies House in addition to the present material certificates of incorporation. The Financial Services Authority (FSA) could issue digital certificates to banks*. The Trades Union Congress could issue them to unions* and the Charities Commission could issue them to charities*. Any club* could issue digital certificates to its members instead of material membership cards. Individuals and organisations both, could be brought into one single infrastructure, the PKI.

* Dematerialised ID does not require these organisations to store their digital certificates on mobile phones, of course, they can be stored on any digital medium.

... thus improving the chances of reducing identity theft and money laundering
That would improve the chances of combating money laundering and identity theft. Money laundering, after all, involves not just individuals but also companies and banks and others. Issuing smart cards to individuals alone, as the government propose, can be at best only a partial solution to the money laundering problem. Similarly, it is not just individuals who suffer from identity theft, so do companies and other organisations.

The incidence of identity theft in the UK is estimated to be £1.7bn p.a. The Home Office promise that ID cards will reduce identity theft but they do not say how much it will be reduced by. There is no value associated with this promise. And there is no argument advanced to support it. It is quite conceivable that the introduction of ID cards should actually increase the incidence of identity theft, not reduce it.

The National Criminal Intelligence Service (NCIS, now SOCA) estimate the annual value of money laundering in the UK to be of the order of £10bn. Their figures suggest that the annual value of detected money laundering is of the order of £0.1bn, a mere 1% of the total incidence.

These figures are embarrassing. Some major change in detection methods is surely called for. ID cards issued to individuals alone will do little to improve the figures. Dematerialised ID could be the change required.

If this sort of mobile eCommerce with mass authentication by PKI (mCommerce) is ever to take off, then there are certain implications
Contact details and other data are stored sometimes on the SIM card of your mobile phone and sometimes on one or more separate memory chips. When you upgrade from an old handset to a new one, it is often a very clumsy process getting the data transferred from one to the other. That transfer process must be made smoother and, if dematerialised ID is extended, it must include the transfer of digital certificates and their associated applications.

... we shall need better backup and restore facilities
That implies that there must be standard backup facilities, perhaps on your PC, perhaps at a third party, which allow you to back up all your data and applications from your old handset and then restore them onto the new one. And these backup and restore facilities must work irrespective of the operating systems and physical architectures of the two handsets and irrespective of the network operators involved.

... and efficient revoke and reissue facilities
Dematerialised ID must also be able to handle the loss and theft of your mobile phone. If you lose your phone, or it is stolen, not only do you want to be able to restore all your backed up data onto a new handset, you also want all your old digital certificates to be revoked, so that no-one else can use them, and re-issued to you. We shall need revoke and reissue facilities.

BCSL foresees therefore that there will need to be a new mass consumer and corporate business, somewhat akin to share registrars or custodians or bankers, third parties whom you trust to keep copies of all your details, who offer an efficient backup and restore service and who offer an efficient revoke and reissue service.

Dematerialised ID will not thrive unless this new business develops. And this new business will not develop without widespread trust. Its development is, therefore, by no means assured.

Elements of this custodian business already exist. Microsoft's .Net Passport service, for example, and Nokia's Mobile Personality (p.8). The idea was first floated by BCSL in May 2003 (para.6.3). Having spent the intervening years watching this area, one thing is certain – one of BCSL's original suggestions is wrong, UKPS (now IPS) will not be one of these new custodians (para.4.4).

mCommerce has not taken off yet
If your computer is securely protected behind the steel doors of the chancery in one of our richer embassies, no-one unauthorised can access it easily, and any digital certificates/private keys you have stored on it are safe.

If the digital certificates you rely on are stored on your mobile phone, which you take everywhere with you, that is a different matter. There must be something between the person using the phone – perhaps someone who has stolen it from you – and the private keys. Otherwise you might as well walk around with thousands of pounds-worth of banknotes.

That something could be your fingercopies, but they don't work with 20% of the population. Which leaves us with passwords, Personal Identification Numbers (PINs), memorable phrases, your mother's maiden name and all the other paraphernalia of today's eCommerce.

We started with all the majestic strength of PKI, replete with its mathematically provable abilities to authenticate anything, and here we are reduced to PINs and passwords.

People can't remember many passwords, they rarely change them, they are often easy to guess, sometimes people write the password on a Post-it note and stick it on their PC and some people will tell you their password if you just ask them.

So, passwords in the case of applications operated on desktop PCs are risk-prone, as they are with applications operated on mobile phones.

Similarly, whether your computer is a PC or a mobile phone, you live with the risk of hackers and viruses getting into it.

But with mobile phones, there are further problems:

The tiny, fuzzy screens.
The tiny, clumsy keypads.
The high incidence of loss and theft.

These problems all inhibit the growth of mCommerce.

... and it may never take off
People have been talking about mobile phone-based commercial applications for years and, in the main, they have never materialised (let alone dematerialised).

They may never take off.

... but the government's ID cards scheme certainly wouldn't help
The point of rehearsing the possibilities for mCommerce in this proposal is simply this. It is clear that dematerialised ID, with its emphasis on mobile phones, could support the growth of mCommerce if anything can. And it is clear that the government's ID cards scheme, with its emphasis on smart cards, could not. Given all the funds and all the effort that would have to be diverted into the ID cards scheme, it would not only give no boost to mCommerce, it would actively inhibit it.