Froud on Fraud – Cybersecurity Predictions for 2020

In 2016 I predicted that:

  1. Identity Management will begin to replace single-factor authentication;
  2. Identity Management will be decentralised onto consumer mobile devices;
  3. HOW you pay will become increasingly irrelevant;
  4. Value-Add Services and Customer Service will be the only differentiator;
  5. Loyalty Programs will begin to centralis;

Even 3 years later only 1 of these things is becoming [slightly] true (#1).

In 2017 I predicted that:

Continue reading

Digital Anarchy? Not Without Identity Management

I read a rather long but very interesting article the other day (thank you nephew) titled ‘The Coming Digital Anarchy‘ by Matthew Sparkes (Telegraph). Despite the rather dramatic title (I have done this egregiously myself from time to time), the concept regarding the future of ‘blockchains’ is sound, and is a far better researched and a far more encompassing version of my earlier article ‘On The Irrelevance of Money‘.

However, with the exception of one fairly cryptic phrase; “In [his] version of the future, identity and reputation will be the new currency.” the means by which this new order will be usable has not been addressed. Nor have I seen it addressed in any other articles of its ilk.

Regardless of the manner in which our data is stored, either the current file/database method, or the de-centralised / distributed method of blockchains (written for the crypto currency Bitcoin, but has much wider implications), we, the owners of the data, need to access its function securely, and put it to use in any scenario we choose.

If you can assume for the sake of argument, that the concept of the block chain is a valid method of storing and securing data, how can we access the data’s benefits in a method that’s equally secure? Your computer, mobile phone, static knowledge (username / password etc.), physical tokens (credit cards, RSA Tokens) are what we use now, and seeing as they are based on current methods of authentication, inherit their flaws. It is a hard enough stretch to get people to accept that their entire ‘Internet Worth’ (trying to coin this phrase) is not maintained by any institution, but to grant access to this without ensuring your identity is protected in the same way goes too far, even for me.

Your identity is all you have that’s truly yours, everything else is a universally agreed representation of value (money for example), so until such times as we can bring our full identity to bear we are reliant on small, and very specific elements of it. Elements that are relatively easy to steal, and duplicate.

It follows therefore, that the more of our identity were can securely distribute, the harder it will be for anyone to pretend they are us. Even in a scenario like Invasion of the Body Snatchers where they completely take over our physical bodies, unless the entirely of my life was instantly at the impostor’s disposal, AND they were able to duplicate my personality precisely, my family and friends would know there was something wrong. And if I’m honest, might actually prefer the new me.

Which brings me to the true value of your identity; Trust. You would not lend a stranger a £1,000 without significant rules in place, but you would think nothing of lending it a family member (assuming they’re not a douche-bag). Why? Because you have a lifetime of trust built up behind you.

How then do we duplicate a lifetime of trust in an electronic form, between two complete strangers? Well, if you’re reading this YOU can’t, probably it’s too late for most of us, but it’s NOT too late for those young enough to begin the process. All we need is the technology.

Oddly enough, I think that block chains provide the answer here too, but I am making a huge assumption based on limited knowledge of how they work. However, from what I know already, they are an ideal medium as their very nature is to record everything that ever happens from the beginning. It just needs to be worked out how to accept the input from everyone with whom the individual comes into contact, and how to represent that in terms of levels of trust. Much like a credit rating, but infinitely more difficult to explain.

In just the last few days Ghash has thrown a huge spanner in the works by controlling the magic ‘51%’ of Bitcoin, thus completely ruining the whole concept of de-centralisation. They have said that we should not worry, and to trust them, but so do the banks. There is clearly a lot of work left to be done.

Until people MUCH smarter than me can work out these issues, and we completely redefine the concept of Privacy (that’s the easy part, right?), this is all theory and speculation, but I cannot see any safer way to get where we are headed. Things change, whether we are ready or not.

Your identity as a baseline is both irrefutable, and cannot be duplicated, but it DOES mean you have to be a decent citizen your whole life or be ostracised. Is that such a bad thing if we have a global consensus on right and wrong?

[If you liked this article, please share! Want more like it, subscribe!]