Fragmented identity is stronger

The Register doesn’t ususally do thoughtful and considered, but there’s an article today which expresses identify management thinking in unusually comprehensible language.  It all sounds profoundly sensible to me – and if no longer the absolute opposite of ID card thinking, still a good way away from where the discussions are within government.

There are so many aspects identity in our daily lives that we have not sufficiently handled in the online world: evolution and replacement of identifiers, anonymous financial transactions (cash), mutual authentication (I authenticate to a service, but I’m not sure it’s really the intended service), as well as partitioning and isolation of various system breaches and failures, information leakage and more. By dividing up identity into multiple pieces we can get the business and technological incentive to prevent companies from storing more information than they need. We need to unify identity systems in the sense of being able to communicate between them; we don’t want to unify them in the sense of having only one system.

Multiple identity providers bring added benefits. You’ll have one place to update your details rather than hundreds and with less data duplication there’s less opportunity for anything to go wrong. And the benefits to the businesses you’re dealing with could give them an incentive to push this kind of system. The less identity information you store, the less there is to store securely and in a compliant manner.