Just when we thought, “it couldn’t get worse”. Just when we boldly exclaimed, “I never applied for a government job, so I don’t have to worry about what happened at the Office of Personnel Management”.
Just when we confidently boasted, “Well, I was never an Ashley Madison subscriber”.
None of us can behave with any certainty that our personal information is protected. As we have all seen, Equifax is incapable of reliably alerting anyone whether their data was taken or not. That data is all available to anyone willing to pay the market price. Perhaps a full-fledged identity theft ring will use the information for their own enrichment, or perhaps a less nefarious entity will use the information just to pry into your private information. Either way, the discomfort is real.
After this new mess, we have to reconsider our identities. Assume that all of the information that was previously used to identify you is no longer valid. Your Social Security number, driver’s license information, and even some of your credit card data is now out in the wild. What method will be used from this point forward?
About a month ago, there was a bit of shock when it was reported that a company had developed an implantable chip that could be used for simple tasks such as opening a door, or authenticating you to a computer system. This implantable biochip and its associated perils is reminiscent of those in so many science fiction movies. Many of us recoiled at the idea that we would become trackable by organizations that we did not trust.
Is it too late to reconsider this idea? Many would say that the bio-chip data must be stored somewhere, so it is just as vulnerable as the data that was already taken, so how is it any different than that held by the credit bureaus?
This difference is that the biochip companies have a clean security slate from which to build their practice and they have plenty of breach history to draw upon in order to avoid doing it incorrectly. However, is that any guarantee that they will get it right? Of course not. I, like most, am not ready for my biochip.
Perhaps the next system of identification could be based on blockchain technology, whereby we are all issued a hash number. Think of the possibilities of that. We can all have a unique identifier based on a characteristic that is unique to each of us. Perhaps a hash value of the digitized value of all of your fingerprints, or the hash of your iris scan at a particular point in time. The interesting part would be that all biological children of two individuals would be given an identity generated from the parents’ hash IDs until such time that they may be issued an individual hash.
The worst part of all the recent data loss is that no matter what method is devised to replace our identities, it must still be linked back to those old, stolen credentials, or much of the economic structures of society will unravel.
We are certainly at the doorway of a new age of identity and identity protection.