Need to Know

  • Top Secret

    Know this is an interesting data issue. Actually it's more of a transactional and verification issue, but it might have some interesting implications for ensuring that data is what you expect.

    We all know that identity theft is a problem in the world today. And most of us know, or should know, that the more points of data you have out there, the greater the chance that some thief will get ahold of your information. So having a limited amount of places where your data is stored, or better yet, less data is stored makes for a safer identity on the web.

    IBM has new software the limits the information you provide on the web to that which you need to know. It works by being a go-between that can provide verification of your data. A bank, government, or other "trusted" authority holds the pertinent information and authorizes purchases. It's not a new idea, but it might work with a large company like IBM able to push it out to banks.

    As a data guy, I'm certainly in favor of not having any identity information in my databases. It means that I can be less worried about a data breach or concerned about liabilities.

    Unless I happen to work for one of those banks that needs to hold the information.

  • I currently working in a spanish savings bank and believe me it's a real pain every time that you have to obtain a excerpt of data for external providers alter the ID'S public individual cards and whatever.

    In other sector it could not happen.

  • Do you really think the size of IBM will help push this?  Microsoft started passport more than 5 years ago [1] and, despite its size (it's apparently the only software company that's actually larger than IBM [2]), it garnered immediate, widespread, opposition and went pretty much nowhere.

    [1] http://www.microsoft.com/presspass/features/2001/sep01/09-20passport.mspx

    [2] http://www.newratings.com/analyst_news/article_1435736.html

  • Passport has other problems. Namely it's run by Microsoft, a software company, not a bank, and it didn't hide your information unless you gave it to Microsoft.

    What I think would help would be US/European laws against banks selling your information at all, regardless of permission, and then allowing them to offer this as part of your service.s

  • Here in Canada, in the space of three years, one of the major chartered bank (3rd largest, I think) lost a data backup file with a half million IDs in it (they still have no idea where it went), spent 7 years faxing personal identifying information to an auto wrecker (who, to his credit, spent years trying to get them to stop), have had 11 other serious data losses, risking 3+ million customers in the scope. That's in 36 months, and those are the ones that we know about.

    Recent losses of data at various retailers, etc., all point to one thing: identity theft prevention is low priority for these folks, because the financial penelaties for allowing it happen are too low. I would hazard a guess the banks, at least here on my home soil, feel even less concern.

    No matter what technology is available, the main problem is sloppiness and a lack of fixed and large penalties for making routine mistakes handling data. Until the financial penalty of loss is so high it is not an acceptable expense, no technology will be adopted. These people just don't really care that much.

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply