The Philadelphia Inquirer has an interview with Microsoft Chief Privacy Officer Brendon Lynch, who joined the technology company’s privacy group in 2004.
“So I think part of the solution is that we need to bridge offline and online identities in some way,” says Lynch. “Trust is needed online. There is a degree of trust offline among the parties. So you want to be able to reuse that trust online but not in a way that breaks privacy.”
The first step was CardSpace. Introduced in 2006 and built into Vista and Windows 7, it’s an attempt to create a usable platform on which to build digital identities. The question now is how to build them in while guarding privacy. Microsoft began to answer this in 2008, when it bought the Canadian company Credentica, brainchild of Stefan Brands. […]
Credentica’s technology, now called “U-Prove”, uses tokens to create decentralised, role-based authentication while retaining user control. A specific token cannot be linked to the issuer or cross-linked to other tokens from the same issuer unless the user specifically allows it. By analogy: a bar needs to check your age but not your name and address; a theatre needs to know only that you have a valid ticket. This minimalist thinking is the opposite of the more common federated single sign-on that centralises all authentication and creates a complete, linked trail of all transactions. And this, for Lynch, is important. […]
Privacy, as past failed start-ups have learned, is a tough sell to consumers, mostly because the technology to implement it is often complicated and unintuitive to understand. It’s this that Lynch hopes Brands’ U-Prove technology, launched freely earlier this year for developers to experiment with, will change: the goal is to make authentication easy. But another aspect of the hard sell is that it’s hard for consumers to understand what the risks are in posting pictures and personal information to, for example, Facebook. […]
The hope now is that U-Prove will be taken up by developers and built widely into identity technologies.