US unveils plan to make online transactions safer

Jun 26, 2010 By LOLITA C. BALDOR , Associated Press Writer
This screen shot of the U.S. Department of Homeland Security website set up to gather input from experts and everyday Internet users on how a voluntary internet identification system should be structured. The website was already getting votes, snipes and suggestions Friday afternoon _ underscoring the incendiary nature of any discussion of Internet regulation or formal structure. (AP Photo)

(AP) -- In the murky world of the Internet, how do you ever really know who you're talking to, who you're buying from or if your bank can actually tell it's you when you log in to pay a bill?

Amid growing instances of identity theft, bank account breaches and sophisticated Internet scams, the government is looking for ways to make those transactions in cyberspace more secure.

But officials must tread carefully, as efforts to create identity cards, personal certificates or other systems of identifiers raise privacy worries and fears of Big Brother tracking its citizens online.

In a draft plan released Friday, the White House laid out an argument for a yet-undeveloped, voluntary identification system and set up a website to gather input from experts and everyday Internet users on how it should be structured.

The website was already getting votes, snipes and suggestions Friday afternoon - underscoring the incendiary nature of any discussion of Internet regulation or formal structure.

"The technology that has brought many benefits to our society and has empowered us to do so much has also empowered those who are driven to cause harm," said White House cyber coordinator Howard Schmidt in a blog posting Friday outlining the need for better security online.

The plan, he said, envisions a future in which people would be able to get a secure identifier - such as a smart identity card or a digital certificate - from a variety of service providers. Customers could then use the card or identifier to prove who they are as they make their online transactions.

"Digital authentication has been the holy grail of Internet security policy since the early '90s," said James Lewis, expert and senior fellow at the Washington-based Center for Strategic and International Studies. This latest effort, he said, has a better chance of succeeding than previous tries, "but we need to see how much opposition it runs into and whether people will actually use it even if it gets deployed."

Ari Schwartz, vice president at the Center for Democracy and Technology, said the unfettered openness of the Internet is what allowed it to grow and prosper but also created security gaps that need to be addressed. But any move to improve identity systems raises many concerns.

"The whole thing is very difficult to do and privacy is one of the more difficult pieces of it," said Schwartz, adding that the system has to balance efforts to maintain privacy while still finding out enough about someone to ensure his identity.

The government, he said, is correct to try to plan ways to move toward better security, rather than letting it just happen with no coordination.

But cyber security experts also argued that the technologies for creating such identifiers already exist and are already used in different ways by businesses, particularly banks.

"The vision they put forth is already realized and commercially available," said Roger Thornton, a cyber security expert and chief technology officer for California-based Fortify Software.

He noted that banks already use sophisticated fingerprinting processes to identify a customer who signs in. The system knows if a customer is using a different computer and will often require additional identification if that computer has not been used for the banking website before.

But many companies don't bother with the more expensive or complex identification systems.

So, said Thornton, "the opportunity is there to make things more interoperable and more uniform."

The draft plan is part of an administration effort to promote cyber security both within the government and among society as a whole. Lawmakers have introduced a number of bills aimed at furthering those goals, and the plan was met with initial support from one of the authors of Senate computer legislation.

Explore further: LinkedIn membership hits 300 million

More information: Draft report: http://www.nstic.ideascale.com
White House blog: http://tinyurl.com/34qtu4c

3.5 /5 (6 votes)
add to favorites email to friend print save as pdf

Related Stories

White House picks new cyber coordinator

Dec 22, 2009

(AP) -- The White House has tapped a corporate cyber security expert and former Bush administration official to lead the effort to shore up the country's computer networks and better coordinate with companies that operate ...

Experts say US must do more to secure the Internet

Feb 23, 2010

(AP) -- The government must take a more active role in securing the Internet, industry experts told Congress Tuesday, arguing that as businesses and governments rely more on cyberspace the prospect of a serious attack grows.

US wants privacy in new cyber security system

Jul 03, 2009

(AP) -- The Obama administration is moving cautiously on a new pilot program that would both detect and stop cyber attacks against government computers, while trying to ensure citizen privacy protections.

Recommended for you

LinkedIn membership hits 300 million

20 hours ago

The career-focused social network LinkedIn announced Friday it has 300 million members, with more than half the total outside the United States.

Researchers uncover likely creator of Bitcoin

Apr 18, 2014

The primary author of the celebrated Bitcoin paper, and therefore probable creator of Bitcoin, is most likely Nick Szabo, a blogger and former George Washington University law professor, according to students ...

White House updating online privacy policy

Apr 18, 2014

A new Obama administration privacy policy out Friday explains how the government will gather the user data of online visitors to WhiteHouse.gov, mobile apps and social media sites. It also clarifies that ...

User comments : 1

Adjust slider to filter visible comments by rank

Display comments: newest first

skipm
not rated yet Jun 26, 2010
The federal government moves to slow. By the time they come up with an idea. the hacker will be onto something else...

More news stories

Airbnb rental site raises $450 mn

Online lodging listings website Airbnb inked a $450 million funding deal with investors led by TPG, a source close to the matter said Friday.

Health care site flagged in Heartbleed review

People with accounts on the enrollment website for President Barack Obama's signature health care law are being told to change their passwords following an administration-wide review of the government's vulnerability to the ...

Under some LED bulbs whites aren't 'whiter than white'

For years, companies have been adding whiteners to laundry detergent, paints, plastics, paper and fabrics to make whites look "whiter than white," but now, with a switch away from incandescent and fluorescent lighting, different ...

Impact glass stores biodata for millions of years

(Phys.org) —Bits of plant life encapsulated in molten glass by asteroid and comet impacts millions of years ago give geologists information about climate and life forms on the ancient Earth. Scientists ...

Researchers successfully clone adult human stem cells

(Phys.org) —An international team of researchers, led by Robert Lanza, of Advanced Cell Technology, has announced that they have performed the first successful cloning of adult human skin cells into stem ...