People through the ages have always had a requirement to prove in a credible and trustworthy manner that they are indeed who they say they are. Given the power that comes with a person authenticating their identity, it follows naturally that the art of identity fraud has become prevalent in areas where a lot of importance is attached to a person’s identity.

South Africa in general has become extremely dependent on a person’s ID number to achieve simple authentication. In essence not a bad idea, given that the process of issuing a verifiable ID number is firstly secure, trusted, and audited, and secondly that the only issuers of such ID numbers are authorised to do so. Unfortunately these two guidelines aren’t followed, and we live in a country where you can buy a fake ID book for about R200.

The digital landscape for identity management has become increasingly important as well, given the growing dependency on converging technologies as an enabler, specifically for monetary transactions. Of course there has been, and always will be, as much digital activity with regards to identity theft as there exists for more traditional physical identity theft, but it seems as if managing identities digitally is really a much easier task — in principal, of course.

Digital identity management unfortunately requires a lot of infrastructure and change, and given the “Big Brother” paranoia that comes with the technology, you soon realise that the ideal scenario of removing the human factor from the authentication and authorisation process might just remain a pipe dream for the foreseeable future, especially for the masses. Controlling and managing digital identities within an isolated environment, like a big company, is essentially much easier, and although this helps, it hardly affects the bigger picture.

Standardisation and acceptance of identities between the different identity providers is another problem that has been troubling the digital identity-management landscape. Different vendors come up with different mechanisms, standards and strategies, and ultimately people end up with fantastic systems that work really well, but only in specific areas or places. So you end up with multiple digital “identities” that leave you with an even bigger headache to manage the sheer number of things to avoid people acting fraudulently on your behalf — hardly an improvement.

So given the above problems and issues, how exactly do you manage your own identity? Be suspicious and validate why somebody requires your identity-related information, especially over the phone; make sure that your identity documentation is secure and still where you think it is; and realise how much importance that 13-digit number carries in South Africa especially.

Keep an eye on your financial accounts, and report fraudulent activity immediately. In short, don’t trust anybody, and hope that people start focusing on putting the systems and processes in place to curb the corruption that accompanies this very serious aspect of everyday life.


Alwyn Van Niekerk

Alwyn Van Niekerk

Alwyn Van Niekerk is a systems architect currently specialising in identity and access management, having written, designed, and architected many large-scale enterprise Java systems. He has a keen interest...

Leave a comment