Using offline solutions to online identity

As the recent hacks of some Apple and Amazon’s accounts highlight, it is difficult to safely authenticate people online for various recovery scenarios (lost password, hijacked account, etc).

So I am surprised that we don’t see brick and mortar solutions emerge.

For example, you could imagine Apple taking advantage of its physical presence (Apple Stores) to strengthen it’s authentication solution. A number of providers could fill that role, such as stores like Fedex/UPS/USPS, banks, or even specialized providers (if they can do it more effectively and cheaply).

As Bruce Schneier pointed out in his video on identification and ID security, identification is a system (issuance procedures, tokens and cards, registries, verification procedures, unplanned usages) and only a part of the broader system of security. There is no reason that the online and offline parts of those systems be so disconnected.


Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: