Irdial’s foolproof secure passport system has been mentioned on numerous occasions, although only in relation to border control. Last night an application came to mind which would be an easy way of demonstrating the principles of the system in a real world, small-scale situation.
The application involves the issuing of a secure card that authorises the user to access a service. The card can then be checked by a different individual to access the service. This is analogous to IPS issuing a secure passport and passing through border control.
The application is a secure and anonymous mailbox/deposit box company.
The client registers in one office and has a digital photgraph taken, they also have the option to include a passphrase and PIN. Becaus ethis is a commercial application the company assigns client ID and box number and key. All this information is encrypted and put on the card.
No information needs to be printed onto the plastic card so its function remains unknown to a third party (although for a passport various bits of information could be displayed), the information on the chip cann only be decrypted by the issuer who only needs to database the client ID and box number (for billing purposes).
The client is unknown to the company except for the client ID, a third party can use the card to pay bills (a remote card reader and secure website could be used to send bill payment and the the encrypted ID to the mailbox company) but not access the mailbox (as the photograph they cannot access would not fit), furthermore the client can pay in cash and thus remain anonymous whilst continuing to access the service.
The mailbox room has a security guard to control access, the client presents their card to the guard who can then use a terminal to display the photograph and any additional measures the client wanted to be included. The client ID can be read and sent to the accounts database so access can be denied if they have not payed their bills.
If the validation is successful the client can use the encrypted key on their card to access the mailbox and retreive their mail.
Er.. that’s it.
This would be a good demonstration because:
It is directly analogous to how passports should be issued and validated.
It allows cash payment and so can provide a client base whose identity could not be otherwise compromised.
It is scalable.
It is open to competition without compromising security (analogous to different countries being able to use the system).
It provides a useful service in itself.