19. Why Identity Systems Might Collapse Under Their Own Ambition
Will identity ecosystems be too big to succeed?
“Too big to fail” is something we all know, but will identity ecosystems be “too big to succeed?”
Some may succeed, but every aspiring identity ecosystem faces two brutal realities:
1. A single security failure can mean extinction
2. They will be relentlessly targeted by technologists, hackers, and the media
Extinction
Any transactional ecosystem has a value proposition based on the performance level it provides to consumers (e.g. service level, response time, security, cost). If an ecosystem has a high value proposition, expectations will be sky high. A single security failure will likely bring the whole edifice crashing down.
Think currency! Currency has real value and is expected to be 100% secure. What happens when a currency can be easily counterfeited – mayhem. If it is generally easy to print your own money, no one will use the real stuff. It has to be foolproof. If counterfeiting became endemic, the only viable approach would be to reissue the currency. That is why countries stay ahead of the game and don’t wait for the problems to occur.
Age assurance using a driver’s license does not have the same high value proposition. It is accepted that it is not 100% Yes, some fakes are made and some people abuse various systems using them. But the costs of the negative outcomes is not so high. So we tolerate them and the ecosystem remains operating.
Identity ecosystems occupy a unique space — not quite life-or-death like medical infrastructure, but close. They are foundational to trust, access, and legitimacy in digital interactions. If there is any question about an identity ecosystem’s trustworthiness, the fallout will be cataclysmic.
The best identity example I know of is Estonia, the poster child of good identity. But in August, 2017 a vulnerability was found in the smartcards that were central to the Estonia identity solution and it was effectively shut down. Fortunately, the cards themselves didn’t need to be reissued — but all certificates did. Queues formed at police stations as citizens rushed to complete the process.
Estonia made a pragmatic choice to halt operations because it really had no choice. Once the vulnerability was known, there was every chance it would be exploited so they had to act.
For an identity ecosystem , one security failure can mean extinction.
Identity is an enticing domain for tech innovators — but it’s no easy game. The cost of getting it wrong is immense.
A Target
There are many people out there who may be quite keen to target a national identity ecosystem.
For threat actors, the kudos gained would be extreme. These shady people gain satisfaction and notoriety through the amount of damage they can inflict – taking down a national identity ecosystem would be the ultimate hack.
Closely associated with threat actors are state-sponsored groups. The geopolitical and economic disruption from disabling a nation’s identity infrastructure would be immense. They will try!
At the same time, ethical hackers, researchers, and concerned citizens will test the system too — often with good intentions, hoping to catch vulnerabilities before real damage occurs.
And then there’s the media and social media — both serious and hysterical. In today’s world, everyone has a say.
I experienced this when I led the launch of Fastnet banking in the 1990s. Bruce Shepherd was a well-known internet guru at the time and he raised some security concerns with the executive at the ASB predicting that phishing attacks would destroy our service within weeks of launch. He had a point, of course, albeit somewhat exaggerated. Rather than battle Bruce, I hired him to do a monthly security report. I received one report. We never heard from him again!
That was a different era. Now the scale and diversity of attackers is far greater. An identity ecosystem will be a target.
Too Big to Succeed
For identity ecosystems there is no room for error and everyone is watching. Being overly ambitious will likely lead to fragile solutions. This must be avoided – entrepreneurs, regulators, developers, and implementors of identity ecosystems must take their responsibilities seriously.
To design identity systems that won’t collapse under their own weight, we need to start not with abstract ideals, but with our current technology landscape — legacy infrastructure, the internet, consumer digital devices, and institutional IT assets. That’s where we’ll begin next time.
All the best
Alan
Clear and well thought through Alan. Thank you.