Life in large, complex societies is continually beset by the challenge of identity verification. Anthropologists have posited that the natural cognitive limit for the number of people an individual human can maintain relationships with is between 100 and 250. This number is based off of our long origins in tribal living conditions, in which tribal band populations rarely exceeded a couple hundred people. For civilizations that scale up into the millions, the problem of anonymity creates ample opportunities for fraud, deceit, and misrepresentation. For this reason, our ancestors implemented increasingly abstract systems to deal with the question of identifying people.
Each identity management system that has been put in place stabilizes for a period of time, until it’s loopholes are found and exploited by criminal enterprises.. A period of fraud ensues, until an improved system of identity security is implemented. This cycle represents an evolutionary meta-game in which the security of identity is forced to become stronger over time.
We are currently reaching the completion of an older era, in which outdated methods- physical ID cards, paperwork processes, passwords, and other practises- have become obsolete due to the ease with which they are exploited by fraudulent actors. Currently emergent is the use of multi-factor authentication, encryption, digitization (abstraction), automation, and the rather nascent technology of biometric authentication. These newer technologies are establishing new era of secure identity and access management. Digital ID’s are an elegant way of combining all of these emergent methods into one secure solution, and will be the evolutionary stepping stone into the widespread distribution of biometric authentication.
The problem of password use has become widely recognized in recent years. The overreliance on basic, easy to guess passwords, the difficulty of managing/remembering multiple passwords, the ability to brute-force with simplistic passwords, the vulnerability of long-held passwords, and the exposure of written passwords have all contributed to widespread password theft and fraud. The task of creating and maintaining truly secure passwords goes beyond the effort that most individuals put forth.
Two- or multi- factor authentication requires the user to have more than one login credential, like a door that requires two or three separate keys to open. Each extra step in the authentication process multiplies the strength of the identity and decreases the likelihood that the user does not match the identity. Randomly generated pins and using multiple levels of access eliminates the inherent weakness of passwords.
Digital ID’s, and more specifically Virtual Badge, employ multiple levels of authentication process. The user operates a smart device and must be able to log onto their device via their own pin. Once in the act of creating a profile or logging into Virtual Badge, the user receives a randomly generated temporary pin sent to device or email (previously established). After the user has created their digital ID card and must be authenticated within an area of operations, another person or software must validate that the user matches the identity of the ID badge. Under this identity management system, external sources validate both the login and authentication process. Identity verification in Virtual Badge is made far more secure by reducing overall reliance on passwords.
Abstraction, Encryption, Closed Systems
As has been covered previously, the use of physical cards presents certain identity security issues. Physical cards are frequently managed poorly by their users, often ending up lost or stolen. The ease with which a physical object can end up in the wrong hands gives fraudulent actors the opportunity to begin forging identities and editing ID badges for their own ends.
In Virtual Badge, each ID badge is ultimately a digital profile. As such, each user identity exists only within the identity management system database. This ensures that an ID badge cannot simply “fall’ into the wrong hands, and then be duplicated or edited for malicious purposes. Digital IDs exist independently of any physical object.
Because identity management software is centrally administered in the back end of the program, administrators must approve the creation of, or changes to, ID badges. This further impedes the ability of fraudulent actors to make progress in editing digital IDs.
Finally, Virtual Badge employs an encrypted QR code system. Each virtual ID card receives a unique QR code that is only generated, and validated, within the Virtual Badge system. This code scheme is protected by encryption and other security measures, and cannot be generated externally.. Typically, the QR code is scanned and validated by access control personnel to grant or deny access, as appropriate.
The abstraction of identity management access tools into the digital format literally keeps faulty identity out of the wrong hands through the use of digital profiles, administrator safeguards, and encrypted QR schemas.
Knowledge in early tribal life involved the direct transmission- oral and aural- of information from person to person. In the early modern period, the abstraction of knowledge into manuscript and then mass production of text became the preferred method of conveying information. With the advent of televisual communications (film) in the 20th century, a more direct and visceral way of communicating- through that of the image- returned to mass society.
So it is with identification and authentication, mirroring the aforementioned historical process. First there was direct knowledge of the person through personal social bonds. Then came the use of abstracted, encoded, rational bureaucratic systems, assigning everyone an identity tied to documents. Finally, we are returning to direct knowledge of the person, through AI systems immediately apprehending the image of the identified.
Biometric identity management involves identifying and authenticating people based on the personal, distinct, physical features of the individual’s body (or behaviors). These features may include face, fingerprint, hand geometry, ear geometry, eye, iris, retina, gait, timbre of voice, and even keystroke patterns. Biometric authentication is the most secure method for identification positives and access control. Due to it’s historically cost prohibitive nature, its use has not been quite widespread- but that now is in the process of changing as the cost of the technology has come down.
ID markers based on print or text- documents, ID cards, passwords- are easily stolen, changed, and replicated. This is the malleable nature of print or text. Human bodies and their distinctive biological features are not quite subject to capture by others.
Virtual Badge can employ the use of biometric facial recognition through the use of smart device cameras, and other cameras tied to the identity management system. At the creation of a profile, the system will match the face of the user to other authoritative user IDs, like passports and driver’s licenses. At further extensions of the system’s capabilities, cameras automatically scan the user’s face at physical checkpoints to confirm identity and grant or deny access. At this point, presenting the digital ID badge as a user will no longer be relevant, as the face is simply tied to digital ID profiles within the database. Virtual Badge will be able to widely disseminate these capabilities at an economical cost.
Virtual Badge will lead the way away from physical ID documentation, shutting the door on an older era of insecure identification forever. With its combination of multi factor authentication, digitization, encryption, and administrator verification, it is inaugurating a new stable era of ID’s that can be trusted and relied upon.
While digital IDs currently employ this suite of modernized security features, they will ultimately progress towards a totally biometric based system, without the need to physically present the IDs. The automation process will continue until the person is all that needs to be present, and direct and immediate authentication will transpire.
Going forward, Virtual Badge is the definitive system for real widespread identification, authentication, and access control. If secure identification is the goal, then the historical process has made this system the next step in its evolution.