Identity Mixer: better online identity management?

Last August I wrote about the (Still Coming) Privacy Boom. I was frustrated while reporting that companies weren’t coming up with enough new technologies and services for people anxious to control their online data and identities. However, there are developments in this market, including a project at IBM Research: the Identity Mixer.

For example, an issuer such as a bank or government might provide an ID card containing a broad set of details about a person. That person can then selectively reveal to retailers or service providers only a relevant subset of personal identifiers. Part of the larger privacy project sponsored by the European Union called PrimeLife, Identity Mixer holds the promise to keep your personal life private—and out of the hands of those who don’t need it.

Jan Camenisch, a cryptographer behind this technology, thinks that we’ll eventually manage our online relationships much the way we flip through plastic cards in our wallet. If I pull out my wallet right now, for example, I have a New Jersey’s drivers licence, which communicates no data about my finances, drinking behavior, or the Web sites I visit. I have a Montclair library card, which is associated only with the books and movies I borrow. I have credit cards. I have credit cards. There matters grow a more complex, because they’re tied to all sorts of behaviors and proclivities…

In any case, Camenisch gives an example. Let’s say a teenager has to prove he’s between 15 and 18 years old to access an online site. Should he have to provide an ID with links to his address, gender, date of birth, and perhaps other nuggets? No, ideally, the card would provide only the information asked for, a date of birth (roughly) between 1992 and early 1996.

This type of technology would be very helpful in health care, where people need to provide confidential information in order to get advice and services:

….if you have healthcare insurance and the firm offers a portal, like webmd.com, where you can go to check on, for example, disease symptoms, then obviously you should be doing this without revealing your identity. On the other hand, the service provider might need to check that you indeed have insurance and have paid for this service beforehand. It won’t, however, reveal any other information. If they issue a certificate indicating that you have paid for the service, you can use that certificate later to convince them that you have indeed paid, but these two transactions cannot be linked so there’s no way to tell who you are.

I believe we’re going to demand these types of technologies and services. Europe, which has a much higher awareness (and fear) of the issue, is likely to be a leader. (This research, not surprisingly, is centered in IBM’s European labs.) The winning formulas are going to be those that not only figure out the technology, but also develop intuitive interfaces and clear communications. We’re going to be making lots of these identity decisions, after all, from our phones.