Monday, 24 December 2007

Changeable Identity Aids Security

Some types of information security may be changed after a breach. For example it would be relatively easy to change the encryption standards, voter identification codes and passwords after a security breach, in order to prevent fraud. On the other hand, names and postcodes can't be altered making them more valuable for identity thieves. To side step this issue, after registration and validation, unique ID user names may be stored on the system, instead of real names. These may be changed after a security breach (or by the user at any other time) and will be worthless to identity fraudsters.
If each region operated its own ID database it would be easier and cheaper to "re-set" the security data after a crisis.

No comments: