Moving Beyond Barcodes

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page

 

We all have many plastic cards in our wallets – driver’s license, credit cards, healthcare cards, and more.  Many have some mechanism for exchanging data with a reader either via a barcode, magnetic strip, or chip. Unfortunately, these mechanisms for exchanging data do not always provide the best authentication.

Barcodes are for automation, not Identification

The use of barcodes, magnetic strips, and chips can automate the process of reading the information from the card but there is no mechanism to prove that the person carrying the card is the person to whom it was issued. Visual identification via a picture on the card can help but there is no proof that the card has not been altered. Some readers can employ external communication with the card issuer or a verification agent to confirm the data on the card but this is tedious and requires an internet connection.

Digital baby steps

We are starting to see visual representations of plastic cards being stored on smartphones. These can be used for identity verification because smartphones can present a barcode for scanning or can read a presented barcode. These types of exchanges require the phone and reader to be near one another. If you have used a digital airline boarding pass on your phone you know that finding the right position for scanning can be difficult, even when the reader is stationary. While that is a minor inconvenience when boarding an airplane, it can be a safety issue for a police officer during a traffic stop or confrontation. The peer to peer communication technologies in smartphones allow us to move beyond these type of barcode exchanges to a more secure solution.

Identification in the Digital Era

Smartphones can securely exchange data with one another over a short distance using wifi or Bluetooth connections. Digital identity documents can be signed by an issuing authority and securely transferred and stored on smartphones. Biometric authentication on the smartphone insures that the owner of the phone is the owner of the identity document stored on that phone. Security is improved.

Once an individual has been properly authenticated, identity documents can be issued immediately. Documents can be updated, replaced, or revoked as necessary. There is no need to physically travel to an issuing authority for a replacement and to wait for a plastic card to be printed and mailed. Convenience is improved.

During a verification request the owner can select the identity traits to share with the requester. You no longer need to reveal your exact age or birthdate to a bartender, but only the confirmation that you are of legal drinking age. Since data is transferred digitally, there is no awkward coordination of alignment for proper scanning of a barcode. Authentication can be performed at a safe distance. Safety is improved.

This new ecosystem is available today via IBM Mobile Identity. Explore more at mi.ibmjstart.com.

Upcoming Mobile Identity Events:

 

Share: Share on FacebookTweet about this on TwitterShare on Google+Share on LinkedInShare on RedditEmail this to someonePrint this page
Becky Gibson
Becky is a Senior Technical Staff Member in the Emerging Technologies Group at IBM. Her career has spanned many products and programming languages and she has contributed to both commercial and open source projects. Becky is widely recognized for her efforts in the area of Web Accessibility - making the Web usable by people of all abilities. She has now turned her attention and efforts to the area of digital identity and mobile identity solutions.
Becky Gibson
Dan Gisolfi
As CTO for Trusted Identity, Dan is focused on the development and execution of a trusted identity strategy for both citizen and corporate identity interactions using blockchain technologies. This endeavor includes the development of a formal IBM Mobile Identity offering, the definition and development of a trusted identity reference architecture, and the creation of devops tools that streamline the delivery of trusted identity solutions for clients.
Dan Gisolfi
Dan Gisolfi

Leave a Reply

Your email address will not be published. Required fields are marked *