Press "Enter" to skip to content

Managing your identity

People through the ages have always had a requirement to prove in a credible and trustworthy manner that they are indeed who they say they are. Given the power that comes with a person authenticating their identity, it follows naturally that the art of identity fraud has become prevalent in areas where a lot of importance is attached to a person’s identity.

South Africa in general has become extremely dependent on a person’s ID number to achieve simple authentication. In essence not a bad idea, given that the process of issuing a verifiable ID number is firstly secure, trusted, and audited, and secondly that the only issuers of such ID numbers are authorised to do so. Unfortunately these two guidelines aren’t followed, and we live in a country where you can buy a fake ID book for about R200.

The digital landscape for identity management has become increasingly important as well, given the growing dependency on converging technologies as an enabler, specifically for monetary transactions. Of course there has been, and always will be, as much digital activity with regards to identity theft as there exists for more traditional physical identity theft, but it seems as if managing identities digitally is really a much easier task — in principal, of course.

Digital identity management unfortunately requires a lot of infrastructure and change, and given the “Big Brother” paranoia that comes with the technology, you soon realise that the ideal scenario of removing the human factor from the authentication and authorisation process might just remain a pipe dream for the foreseeable future, especially for the masses. Controlling and managing digital identities within an isolated environment, like a big company, is essentially much easier, and although this helps, it hardly affects the bigger picture.

Standardisation and acceptance of identities between the different identity providers is another problem that has been troubling the digital identity-management landscape. Different vendors come up with different mechanisms, standards and strategies, and ultimately people end up with fantastic systems that work really well, but only in specific areas or places. So you end up with multiple digital “identities” that leave you with an even bigger headache to manage the sheer number of things to avoid people acting fraudulently on your behalf — hardly an improvement.

So given the above problems and issues, how exactly do you manage your own identity? Be suspicious and validate why somebody requires your identity-related information, especially over the phone; make sure that your identity documentation is secure and still where you think it is; and realise how much importance that 13-digit number carries in South Africa especially.

Keep an eye on your financial accounts, and report fraudulent activity immediately. In short, don’t trust anybody, and hope that people start focusing on putting the systems and processes in place to curb the corruption that accompanies this very serious aspect of everyday life.

Author

  • Alwyn Van Niekerk is a systems architect currently specialising in identity and access management, having written, designed, and architected many large-scale enterprise Java systems. He has a keen interest in Linux and OSS and the current next-generation game-console war, and frequently heads to the countryside with his wife on their motorcycles to forget completely about all of the above ...

3 Comments

  1. John John 9 May 2008

    South African Identity management strategies seems to be favouring complexity, I came across a site (www.verizone.co.za) which takes a simplistic yet brilliant look at online Identity. I can only hope these guys know what to do next with their ideas.

    J. Holms

  2. Roger Roger 9 May 2008

    Massive increase in fraud crimes should make the government and banks realise that their data protection and Chip and PIN systems are diverting rather than deterring fraud crimes.

    This shows that fraud will continue to grow until they exploit KEY and PIN system described on website http://www.xwave.co.uk which will deter BOTH identity and card fraud by making signature and PIN systems reliable and foolproof.

    Fake documents have made our signature system unreliable while skimmers and pin-hole cameras etc. have made PIN system unreliable. We have option to make signatures reliable by personalising them with ID stickers and option to use Card Key Code to make PIN system reliable to make use of stolen and skimmed cards meaningless. By ignoring to exploit this system banks are only letting fraud crimes grow.

    ID KEY system will eliminate the need for us to protect our personal and card details since fraudsters will be deterred from misusing these stolen details.

    Proposed ID KEY can be treated as a reliable international ID card because it will personalise signature and PIN number to only the right individuals in any country.

    We hope that the government and banks will appreciate these details and exploit KEY and PIN system before it is too late to stop a fraud boom.

  3. Andrew Andrew 17 June 2008

    I looked at and wenrt one step further by registering via SMS on Verizone.co.za, as John suggested. I am very supprisded with the accuracy it identified my names and other credentials. I need this sort of thing for my business. I believe something like this should be governing MXiT and Facebook etc

Leave a Reply