On Nov 18, 2009, at 6:16 PM, Anne & Lynn Wheeler wrote:
> ... we could move to a "person-centric" paradigm ... where a person
> could use the same token for potentially all their interactions ...
> we claimed we do something like two orders of magnitude reduction in
> fully-loaded costs by going to no personalization (and other
> things) ... and then another two orders of magnitude reduction in
> number of tokens by transitioning from institutional-centric
> paradigm to person-centric paradigm (compared to proposed smartcard/
> dongle replacing every pin/password).
> we then came up against that the bank marketing departments have
> taken advantage of the requirement for institutional
> personalization ... to put their brand and other stuff on every
> token....
It goes deeper than that. Oh, sure, marketing loves having a presence
- but their desire fits into corporate cultural biases.
When I go to work, I have to carry two key cards - one for the
building, one for my employer. They use the same technology - if you
use the wrong one, the reader beeps in recognition but of course won't
unlock the door. In fact, they interfere with each other - you have
to make sure to keep the "wrong" one a couple of inches away from the
reader or it will usually be confused. It's a pain, actually.
Now, it's certainly possible that there's something proprietary on one
card or the other - though as we've discussed here before, that's only
true on badly designed systems: It's no big deal to read these cards,
and from many times the inch or so that the standard readers require.
So all that should be on the cards is an essentially random number
which acts as a key into the lock systems database. It's just that
the owners of each system insist on assigning that random number
themselves. Does it give them any additional security? Hardly. If
you think through the scenarios, you confirm that quickly - a direct
consequence of the lack of any inherent value in the card or its
contained number in and of themselves: The real value is in the
database entry, and both institutions retain control of their own
databases.
What's needed is some simple cooperation and agreement on how to
assign unique numbers to each card. There already has to be
cooperation on the issuance and invalidation of building cards. But
institutions insist on their sense of control and independence, even
when it has no real payoffs for them (and, in fact, raises their costs).
-- Jerry
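Added illustration (not part of Jerry's message or the list thread): a small Python model of the design described above, in which the card carries nothing but an identifier and the only thing of value is the entry in each institution's own database. The names (LockSystem, issue_card, shared_card_scenario) and the two-door scenario are invented for this example; the birthday-bound helper is included to show why a small, institution-assigned number space forces per-institution namespaces while a large random identifier does not need coordinated assignment at all.

```python
# Added example: one token, several independent lock databases.
# All names here are invented for the illustration.
import math
import secrets


def collision_probability(id_bits: int, cards: int) -> float:
    """Birthday-bound probability that at least two of `cards` independently
    chosen `id_bits`-bit identifiers collide: 1 - exp(-n(n-1) / (2 * 2**b)).
    expm1 keeps tiny probabilities from rounding to exactly 0.0."""
    space = 2 ** id_bits
    return -math.expm1(-cards * (cards - 1) / (2 * space))


def issue_card() -> bytes:
    """A person-centric token: a 128-bit random identifier, issued once and
    then enrolled wherever the holder needs access. Nothing else is stored
    on the card, so reading it off the card reveals nothing secret."""
    return secrets.token_bytes(16)


class LockSystem:
    """One institution's door controller. Its database maps enrolled card
    identifiers to the doors they open; an identifier with no entry here is
    worthless, whoever assigned it."""

    def __init__(self, name: str) -> None:
        self.name = name
        self.db: dict[bytes, set[str]] = {}

    def enroll(self, card_id: bytes, doors: list[str]) -> None:
        self.db[card_id] = set(doors)

    def revoke(self, card_id: bytes) -> None:
        # Revocation is a local database change; no other institution's
        # database and no card has to be touched.
        self.db.pop(card_id, None)

    def authorize(self, card_id: bytes, door: str) -> bool:
        return door in self.db.get(card_id, set())


def shared_card_scenario() -> dict:
    """The building and the employer each enroll the same token in their own
    database, without sharing anything beyond the identifier itself."""
    building = LockSystem("building")
    employer = LockSystem("employer")
    my_card = issue_card()
    someone_elses_card = issue_card()

    building.enroll(my_card, ["lobby", "garage"])
    employer.enroll(my_card, ["office"])

    out = {
        "building_lobby": building.authorize(my_card, "lobby"),
        "employer_office": employer.authorize(my_card, "office"),
        # The building controller knows nothing about the employer's doors.
        "building_office": building.authorize(my_card, "office"),
        # A card the building never enrolled is recognised but rejected.
        "stranger_lobby": building.authorize(someone_elses_card, "lobby"),
    }
    # The employer revokes; the building's entry is untouched.
    employer.revoke(my_card)
    out["after_revoke"] = (building.authorize(my_card, "lobby"),
                           employer.authorize(my_card, "office"))
    # A copied identifier opens the door. An institution-assigned number
    # behaves exactly the same way, so self-assignment adds no security.
    clone = bytes(my_card)
    out["clone_lobby"] = building.authorize(clone, "lobby")
    return out


if __name__ == "__main__":
    for key, value in shared_card_scenario().items():
        print(f"{key}: {value}")
    print("16-bit ids, 1000 cards:", collision_probability(16, 1000))
    print("128-bit ids, 1e9 cards:", collision_probability(128, 10**9))
```

In this model the only thing the two institutions must agree on is that card identifiers are unique. With a 16-bit card number a few hundred independently issued cards already make a collision likely, which is why each institution insists on its own number space; with a 128-bit random identifier the collision probability stays negligible across a billion cards, so the remaining cooperation is the enrolment and invalidation that Jerry notes already has to happen.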
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com