The next generation of Identity

Phil Becker wrote a post on Identity substitutes, tokens and proxies over at ZD Net. Here is the opening paragraph:

We frequently use proxies for identity when the real thing is difficult, inconvenient, or unnecessary to validate. This applies especially in the realm of authentication, as the only true identity based authentication technologies available are biometric. Everything else is an approximation of identity validation to some acceptable degree of risk or certainty. So we often authenticate the identity of one or more things and use the result as an identity proxy or substitute.

The rest of the post provides a day in the life of Adrian has he authenticates himself.

I take issue with Phil’s distinction that biometrics are the only true authentication technology. Biometrics are just harder to copy, and harder to lose. Someone can lift my fingerprint from the case of my laptop, create a facsimile and use that with the fingerprint reader. A fingerprint can actually less secure in some ways then a password. No authentication technology is 100%, just like nothing can be 100% secure. Adding multiple factors to authentication is how we increase certainty.

In Phil’s article he describes how Adrian has a car key that allows him seamless access to his auto. The car is not authenticating Adrian though, it is detecting someone with the key is nearby, and configures the car to the preferences the key holder has. That is why Adrian can give his key to a valet, and the valet can drive . The car does not care if it is Adrian or not.