Wednesday, February 15, 2006

Eliminating Internet Passwords

This week, in his keynote address at the RSA Security conference, Microsoft head geek Bill Gates told the attendees that internet passwords need to be eliminated and replaced with a trust ecosystem.

Gates said trust ecosystems exist in the physical world, where those who break the trust can suffer a damaged reputation or be convicted of a crime. He said the concept must be extended to the Internet through more trustworthy code and devices, and outlined steps the software giant is taking to get there.

"Passwords are the weak link," Gates told his audience. "We need to move in the direction of smart cards, and multi-factor authentication must be built into the system itself. We need the ability to track what goes on and have a built-in recovery system."

He said the goal is to move beyond passwords in three to four years.

Now, I realize that Gates' role as MS Chief Software Architect is to push the envelope and the capabilities of the technology market, but this concept of a password-less internet is way more than 3-4 years away. I am not sure the capabilities to build this trust can exist in that time frame, and even if they are successful, how are consumers and vendors going to buy into this model?

I know that as a consumer, I am not just going to hand over access to all my personal information without a serious commitment from the vendor that my account and information are being seriously protected by all entities involved in the process. I know that many companies will subcontract much of this work out. Where I might trust my bank, how do I know I can trust every large and small vendor working with the bank's IT group, and that their privacy policies are being adhered to? I personally am not going to trust my ISP or my OS to talk to my bank, to talk to eBay, to talk to Amazon, etc.

This pie-in-the-sky utopian goal of no internet passwords also does not consider market competition. Under this solution Microsoft is going to be able to present me consolidated financial statements, since it will hold my authentication credentials for all my various accounts. How easy will it become for Citibank, Wachovia, JP Morgan, etc., to know what assets I have with their competitors? They might become recipients of competitive information, which they could potentially use to influence the market.

Needless to say, I am very skeptical about the technology and the implementation of this solution. Although there is value in improving the user experience at individual websites through identity management (single sign-on, federated ID management, etc.), I don't want those credentials following me to the next site. But that is just me.
