Strong Authentication and Privacy – A Contradiction in Terms?

Written by

You know that I am not a big fan of the requirement for having all Internet users authenticate strongly. There are people in the security arena who think that this is the only way to fight cybercrime – and in parallel accept that they would kill freedom of speech.

I recently had a good discussion where somebody gave the following example: Would we be able to get completely rid of crime? Probably yes, if we would be ready to give up all our privacy and accept a 24-7 surveillance of everybody (I am not sure whether it would even work then, but we could get close to it). However, this is definitely not acceptable, socially speakin g – not in the physical world, nor on the Internet. Nevertheless we want to have a certain level of assurance if we offer some service.

This is where U-Prove comes in. We just announced the availability of the U-Prove CTP at RSA. This by itself is great news. However, when I talked about the concept, people sometimes failed to understand what this really means – now I think we have a great showcase:

The German government will offer its citizens the possibility to apply for an eID starting in November. Additionally, the Fraunhofer institute worked on leveraging U-Prove together with the German eID. An awesome case. Look at the video:


From my point of view, this technology is something you should think about and think about how to leverage it.


What’s hot on Infosecurity Magazine?