W3C home > Mailing lists > Public > public-credentials@w3.org > October 2014

Re: South Korean ID system to be rebuilt from scratch

From: Anders Rundgren <anders.rundgren.net@gmail.com>
Date: Sat, 18 Oct 2014 09:51:25 +0200
Message-ID: <54421BFD.1070307@gmail.com>
To: Credentials Community Group <public-credentials@w3.org>
CC: 조상래 <sangrae@etri.re.kr>, 윤석찬 <channy@gmail.com>
On 2014-10-18 04:04, Manu Sporny wrote:

IMO the real problem is not related to the design of the citizen identifier,
we have had this scheme forever in Sweden and it has worked fine (until now...).

It is rather the lack of a system where you can *prove ownership* to such
identifiers which allow fraudsters to take over bank accounts, real estate
properties, etc.

This problem has increased due to immigration making me believe that biometrics
is needed.  Biometrics wouldn't verify that you really are who you claim to be
but it would protect you from identity-theft.  I.e. if somebody orders an ID-card
for a certain claimed identity and their biometrics doesn't match previous records,
the issuing process would enter an investigation phase.  That fingerprints is a
threat to privacy is utter nonsense; hundreds of thousands of public surveillance
cameras can soon follow peoples' whereabouts in real-time only based on facial
recognition not to mention certain service providers' accumulation of messages,
contacts etc.

If customer and citizen databases aren't properly protected, I don't think a
revised ID system will help much.

Anders

> South Korean ID system to be rebuilt from scratch
>
> """
> The ID numbers and personal details of an estimated 80% of the country's
> 50 million people have been stolen from banks and other targets, say
> experts.
> """
>
> Things we should avoid:
>
> """
> There are several reasons that the ID cards have proved so easy to steal:
>
> Identity numbers started to be issued in the 1960s and still follow the
> same pattern. The first few digits are the user's birth date, followed
> by either a one for male or two for female.
>
> Their usage across different sectors makes them master keys for hackers,
> say experts
>
> If details are leaked, citizens are unable to change them
>
> The government required net-users who wanted to deal with banks or shops
> online to use a Microsoft product, ActiveX, to provide a digital
> signature but critics say it was a simple password that could easily be
> duplicated
> """
>
> http://www.bbc.com/news/technology-29617196
>
> -- manu
>
Received on Saturday, 18 October 2014 07:51:56 UTC

This archive was generated by hypermail 2.3.1 : Wednesday, 11 July 2018 21:19:21 UTC