Thursday, March 31, 2005

Multiple levels for network personal identity

I remain convinced of the need for a whole new regime of Network Personal Identity (NPI). Not only does an NPI exist as distinct from your real-world identity, but there are different categories of need, different levels of disclosure, and different roles that users play when engaging in network-based activities. In other words, each individual user may have a significant number of network identities.

I'll summarize some of the more interesting levels of network personal identity, without intending to be comprehensive at this time:
  1. Full network identity. This would include the maximal amount of personal identification information that you would ever disclose to a network-based application. You may in fact have several of these identities, since you may only reluctantly disclose some information to one application because it is required, but not want to disclose it to some other application for which it is not absolutely required. You may opt to have a master identity profile and some specialized sub-profiles for specific uses. Some of the information could be entered manually, but some would be required to be entered by a trusted "identity service provider". You can fake a lot of info, but not your full legal name, address of residence, birth date, SSN, and a few other pieces of info. But you would be able to select your nickname, preferred mailing address, and other preferences. None of the info in the full network identity would be available to any network app unless you explicitly offer it. The info would be kept at one or more network identity servers that the user selects. No disclosure would be possible to any network app except to the degree the user authorizes. Techniques such as email confirmation would be used to assure that disclosure is authorized.
  2. Credit identity. This would have the minimal information to transact a financial transaction which requires a credit card number. May also include address and contact information needed for a transaction, but only to the degree that the user opts in that information. You may have a distinct credit identity for each account or even each application to tailor the disclosure.
  3. Real name identity. For applications which require your real name. Would typically also include your city and state of residence. This is essentially what you would provide for a letter to the editor of a newspaper. Might be typically used for an initial employment application. In general, this would have very little if any additional personal information.
  4. Selected disclosure. Based on specific application requirements, the user may opt to specify as much detail as desired. As a typical use, an application might offer a list of information items that it requires or optionally requests, and the user can decide whether to abort or opt in from their full network identity.
  5. Unique identity. May be a concocted user "id" or other pseudonym. This is the level of identity needed for most net applications that do not involve a business transaction.
  6. One-time identity. Typical use might be to make an inquiry for which you wish a return answer, but also want the security of knowing that your identity might be "kept on file". The application would merely query a common identity server for validation of the id, and any additional info that the user has opted to disclose.

I envision that disclosure of personal information is a multi-step process:
  1. User initiates contact with application.
  2. Application discloses a contact id.
  3. User contacts their chosen identity server with the app contact id.
  4. User selects level of disclosure for this contact.
  5. User passes a contact id from the identity server to the application.
  6. The application passes the contact id back to the identity server along with its own contact id.
  7. The identity server verifies that the contact was authorized, possibly with an email confirmation for some transactions, and then passes the authorized information (securely encrypted) back to the application.
None of those steps would require more than a single click by the user.
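
The seven steps above, simulated in memory as an added example (not part of the original post): it shows the identity server binding the user's grant to the application's contact id and releasing only the fields in the selected level. The class names, field names, level table and single-use grant are assumptions; email confirmation and encryption of the reply are left out.

```python
import secrets

# Constructed level table; level and field names are assumptions for illustration.
LEVELS = {"real_name": {"name", "city", "state"}, "unique": {"handle"}}

class IdentityServer:
    def __init__(self):
        self.profiles = {}   # user -> full network identity
        self.grants = {}     # user contact id -> (user, app contact id, fields)

    def authorize(self, user, app_contact_id, level, extra=()):
        """Steps 3-4: user presents the app's contact id and picks a level."""
        fields = (LEVELS[level] | set(extra)) & self.profiles[user].keys()
        user_contact_id = secrets.token_urlsafe(16)
        self.grants[user_contact_id] = (user, app_contact_id, fields)
        return user_contact_id   # step 5: the user hands this to the application

    def redeem(self, user_contact_id, app_contact_id):
        """Steps 6-7: app presents both ids; server verifies the authorization."""
        grant = self.grants.get(user_contact_id)
        if grant is None or not secrets.compare_digest(grant[1], app_contact_id):
            raise PermissionError("contact not authorized")
        del self.grants[user_contact_id]   # assumption: a grant is single use
        user, _, fields = grant
        return {f: self.profiles[user][f] for f in fields}

class Application:
    def __init__(self):
        self.contact_id = secrets.token_urlsafe(16)   # step 2: app's contact id

def run_exchange():
    server = IdentityServer()
    # Constructed sample profile (the "full network identity").
    server.profiles["alice"] = {"name": "Alice Example", "city": "Springfield",
                                "state": "IL", "handle": "al1ce",
                                "ssn": "000-00-0000"}
    app, other_app = Application(), Application()
    token = server.authorize("alice", app.contact_id, "real_name")
    try:
        server.redeem(token, other_app.contact_id)   # a different app is refused
        leaked = True
    except PermissionError:
        leaked = False
    disclosed = server.redeem(token, app.contact_id)
    return disclosed, leaked

if __name__ == "__main__":
    print(run_exchange())
```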

Again, this is not yet a full architecture for network personal identity, but simply another increment of detail along a path that will evolve over time.

-- Jack Krupansky