Connecting Physical and Virtual Identities Approaches (affordable) Usability, Privacy and business (W1G)
Session Topic: Connecting Physical & Virtual IDs (W2G)
Convener: Robert Moskovitch
Notes-taker(s): Robert Moskovitch
Tags for the session - technology discussed/ideas considered:
Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
A. Tags for the session - technology discussed/ideas considered: Connecting the physical & virtual identities on Login and continuously. The team discussed the need and optional tehcnology for assuring that any peace of information on the web was created by the said "Physical" identity. Physical identity refers to the real world identity. For example, when a specific person posts on a forum, on a social network, or sends an email.
B. Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:
The team agreed that this is an important topic, and the need in assuring that the physical identity behind the virtual identity created some info is becoming more and more relevant. This is even important from the physical identity aspect, for example, a person would like that people will know that his user on a social network is indeed himself, and the same referring to any peace of info she created.
The team discussed some optional technologies to enable such assurance, including various biometrics solutions, such as finger prints, but these are relevant only during login. The option of verifying users based on their mobile device, especially when comunicating with the web from the phone was raised, as well as from a PC by confirming your identity through the phone by one-time-password or such functionality, but this still can be done by another person as well. Thus, in order to verify that a user typed a specific post, or email, as well as logged in, typing patterns verification can be used. The option of typing patterns verification for login verification was discussed, as well for continuous verification for the purposes of posting, chatting and emailing, having it transparent and continuous which cant be provided by other means. The team indicated that usage of such technology will require the awareness of the users and their agreement.